<!DOCTYPE html>
<html class='v2' dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmlns:data='http://www.google.com/2005/gml/data' xmlns:expr='http://www.google.com/2005/gml/expr'>
<head>
<link href='https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css' rel='stylesheet' type='text/css'/>
<meta content='width=1100' name='viewport'/>
<meta content='X3PX4lxDgtVDGNZv1C7JhtjCIQXvizn6IzKnrLs6UmM' name='google-site-verification'/>
<meta content='u1Umno2V51sOefvZSupzfrrGof2xXx6743-CzHdL-Q4' name='google-site-verification'/>
<meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>
<meta content='blogger' name='generator'/>
<link href='https://blog.talosintelligence.com/favicon.ico' rel='icon' type='image/x-icon'/>
<link href="https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html" rel='canonical' />
<link rel="alternate" type="application/atom+xml" title="Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom" href="https://blog.talosintelligence.com/feeds/posts/default" />
<link rel="alternate" type="application/rss+xml" title="Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - RSS" href="https://blog.talosintelligence.com/feeds/posts/default?alt=rss" />
<link rel="service.post" type="application/atom+xml" title="Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom" href="https://www.blogger.com/feeds/1029833275466591797/posts/default" />

<link rel="alternate" type="application/atom+xml" title="Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom" href="https://blog.talosintelligence.com/feeds/1664675579510275690/comments/default" />
<!--[if IE]><script type="text/javascript" src="https://www.blogger.com/static/v1/jsbin/2068738220-ieretrofit.js"></script>
<![endif]-->
<meta content='http://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html' property='og:url'/>
<meta content='An introduction to offensive capabilities of Active Directory on UNIX' property='og:title'/>
<meta content='A blog from the world class Intelligence Group, Talos, Cisco&#39;s Intelligence Group' property='og:description'/>
<!--[if IE]> <script> (function() { var html5 = ("abbr,article,aside,audio,canvas,datalist,details," + "figure,footer,header,hgroup,mark,menu,meter,nav,output," + "progress,section,time,video").split(','); for (var i = 0; i < html5.length; i++) { document.createElement(html5[i]); } try { document.execCommand('BackgroundImageCache', false, true); } catch(e) {} })(); </script> <![endif]-->
<title>Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: An introduction to offensive capabilities of Active Directory on UNIX</title>
<link href='https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono' rel='stylesheet'/>
<style id='page-skin-1' type='text/css'><!--
.CSS_LIGHTBOX {
z-index: 9999 !important;
}
html,body,div {
margin:0;
padding:0;
border:0;
}
html,body {width:100%;height:100%;position:relative;}
body {
display: table;
background-color: #26282A;
overflow-x: hidden;
color: #FFF;
font-family: 'Roboto', sans-serif;
font-weight: 300;
font-size: 11.5pt;
line-height: 1.5em !important;
text-align:left;
}
#header {
display: none;
}
a {
color: #ffffff;
}
a:hover {
color: #f19615 !important;
}
.widget {
line-height: 1.5em;
}
/* Float Controls */
.float-left  { float: left; }
.float-right { float: right; }
#page_wrapper {
min-height: 100%;
min-width:  100%;
background-color: #26282A;
position: relative;
top:    0;
bottom: 100%;
left:   0;
z-index: 300;
/*display: table-row; This was needed for sticky footer, but interferes with new mobile nav*/
}
.col_single {
max-width: 1200px;
width: 100%;
margin: 0 auto;
height: 100%;
float: none;
padding: 80px 15px 150px 15px;
}
.col_single .col-xs-12 { padding: 0 35px; }
.col-xs-12.wide { padding: 0 15px;}
#main-wrapper {
margin-left: 2%;
width: 98%;
display: inline;
word-wrap: break-word;
overflow: hidden;
}
@media (min-width: 950px) {
#main-wrapper {
width: 67%;
float: left;
}
}
label {
font-weight: 300;
text-align: left;
font-size: 10pt;
font-family: 'Roboto', sans-serif;
text-transform: none;
left: 0;
line-height: 1em !important;
display: block;
color: #bdb5b5;
padding-bottom: 4px;
}
/********* Navigation styles **********/
/* full navigation wrapper(s) */
#nav {
/*height: 100%;*/
margin: auto;
font-family: 'Roboto', sans-serif;
font-weight: 300;
font-size: 11pt;
background-color: #1f1f21;
}
#navigation {
width:  100%;
height: 100%;
position: fixed;
top:    0;
right:  0;
bottom: 0;
left:   0;
z-index: 0;
background-color: #005f8e;
text-align: left;
padding: 0;
}
/** This section after removing icons from desktop display **/
#top-nav-bar {
background-color: #161617;
color: #bfbfbf;
font-size: 11px;
font-weight: 400;
text-transform: uppercase;
text-align: right;
padding: 1px 12px;
/* only show on desktop sizes */
display: none;
}
.top-nav-links-wrapper li.site-link a {
padding-left: 20px !important;
background-size: 14px;
background-position: 0 4px;
font-weight: 400 !important;
color: #bfbfbf !important;
width: 100%;
height: 25px;
}
.top-nav-links-wrapper li.site-link a:hover {
color: #fff !important;
}
.account-link { background-image: url('icon_account_small.svg'); }
.account-link:hover { background-image: url('icon_account_small_white.svg'); }
li.site-link a {
background-repeat: no-repeat;
}
.navigation-links-wrapper .site-link a {
background-size: 100%;
background-position: center center;
min-width: 20px;
min-height: 20px;
margin-bottom: -4px;
}
.navigation-links-wrapper .site-link:first-of-type {
margin-left: 50px;
}
/* Navigation needs to be behind page wrapper for mobile but in front of it for desktop */
@media (min-width: 1000px) {
#nav {
height: 80px !important;
font-size: 9pt;
}
#navigation {
z-index: 500;
background-color: transparent;
text-align: center;
position:relative;
}
#top-nav-bar {
display: block;
}
}
#nav ul {
list-style: none;
margin:  0;
padding: 0;
display: block;
}
#nav ul.main-nav-list {
margin: 0 auto;
left: 0;
}
#nav li {
text-align: left;
}
.nav-item {
width: 300px;
border: 1px solid #005f8e;
}
#nav a {
color: #fff;
font-weight: 300;
display: block;
height: 100%;
width:  100%;
-webkit-transition: color 0.2s ease, background-color 0.5s ease;
-moz-transition:    color 0.2s ease, background-color 0.5s ease;
-o-transition:      color 0.2s ease, background-color 0.5s ease;
transition:         color 0.2s ease, background-color 0.5s ease;
}
#nav a:hover { color: #fff; background-color: #393d43; }
.nav-item a  { padding: 10px 15px; }
.nav-item:hover { border: 1px solid #393d43; }
@media (min-width: 1000px) {
.nav-item, .nav-item:hover { border: none; }
}
.primary_nav_link{
text-decoration:none
}
/* Overrides natural list display styles for horizontal nav on desktop */
/* Also splits navigation so there is a section on either side of logo */
@media (min-width: 1000px) {
#nav a {
padding: 0;
font-weight: 400;
}
#nav a.primary_nav_link {
/* increasing contrast */
color: #fff;
font-size: 1.1em;
padding-top: 19px;
padding-bottom: 19px;
font-weight: 300;
}
#nav a.primary_nav_link:hover span {
box-shadow: 0 2px 0 0 #0076be;
}
#nav a.primary_nav_link:hover{
color: #fff!important
}
#nav a:hover {
background-color: transparent;
}
#nav li {
display: inline-block;
text-align: center;
height: 100%;
margin: 0 8px;
}
#nav .sub-nav li { display:block;}
#nav span { display: block; line-height: 1.15em; }
}
@media (min-width: 1300px) {
#nav li { margin: 0 .5rem;}
#nav a.primary_nav_link {
font-size: 1.25em;
}
}
.break { display: none;}
/* Spacing between nav icons on large displays, also changes word breaks on longer link titles */
@media (min-width: 1000px) { .break { display: inline !important; } }
@media (min-width: 1170px) { .break { display: none !important; } }
/* end structural styles */
/****** LOGOS ******/
.navigation-logos-wrapper {
display: block;
float: left;
min-width: 300px;
padding-top: 8px;
text-align: left;
}
.navigation-links-wrapper {
display:block;
}
@media (min-width: 1000px) {
.navigation-links-wrapper {
display:inline-block;
margin-left: -75px;
}
}
@media (min-width: 1300px) {
.navigation-links-wrapper {
display:inline-block;
margin-left: -115px;
}
}
@media (min-width: 1600px) {
.navigation-links-wrapper {
/* centers links, accounts for logo wrapper on left of desktop nav */
margin-left: -357px;
padding-top:2px;
}
}
#cisco-logo-wrapper, #talos-logo-wrapper {
display: inline-block;
}
#cisco-logo-wrapper {
border-right: 1px solid #3f4143;
margin-left: 10px;
margin-right: 12px;
background-image: url('https://www.talosintelligence.com/assets/logo_cisco_white.svg');
background-repeat: no-repeat;
width: 82px;
height: 35px;
opacity: 0.6;
}
#talos-logo-wrapper svg {
height: 36px;
width: auto;
}
#talos-logo-wrapper svg path.st1 {
fill: #0077BE;
}
#nav-logo svg {
transition:         max-width 0.2s ease;
-webkit-transition: max-width 0.2s ease;
-moz-transition:    max-width 0.2s ease;
-o-transition:      max-width 0.2s ease;
}
#nav-logo svg path {
transition:         fill 0.2s ease;
-webkit-transition: fill 0.2s ease;
-moz-transition:    fill 0.2s ease;
-o-transition:      fill 0.2s ease;
}
@media (min-width: 1000px) {
#nav-logo {
background-color: transparent;
}
}
/* Mobile navigation has an additional icon for 'home' in the shelf menu since
/* the main logo stays in the center of the page away from other menu items */
#mobile-nav-topper {
display: inline-block;
width: 300px;
padding: 9px 10px 4px 10px;
background-color: #1278ba;
border-bottom: 1px solid #fff;
text-align: center;
}
#mobile-nav-topper a:hover {
background: transparent !important;
}
@media (min-width: 1000px) {
#mobile-nav-topper { display: none; }
}
/* end mobile logo styles */
/****** NAVIGATION LINK ICONS *******/
.nav-item svg {
padding-top: 3px;
margin-top: 7px;
}
@media (min-width: 1000px) {
.nav-item svg { padding: 0; margin: 0; }
}
#link_blog { margin-top: -1px; } /* Adjusts for pencil that sticks slightly above icon box */
/****** LINK TEXT ADJUSTMENTS ******/
#nav span {
padding-left: 15px;
vertical-align: 5px; /* offsets span sitting at bottom of <a> tag on mobile nav */
}
@media (min-width: 1000px){
#nav span {
padding-left: 0;
vertical-align: baseline;
}
.primary_nav_link svg {
display: none;
}
}
/* Mobile Shelf Styles */
.nav-trigger + label, #page_wrapper, #nav-logo, #footer, .sub-nav-trigger, .sub-nav {
transition:         left 0.2s;
-webkit-transition: left 0.2s;
-moz-transition:    left 0.2s;
-o-transition:      left 0.2s;
}
.nav-trigger:checked + label, .nav-trigger:checked ~ #page_wrapper, .nav-trigger:checked ~ #nav-logo, .nav-trigger:checked ~ #footer {
left: 300px;
}
.sub-nav-trigger:checked ~ .sub-nav {
left: 50px;
}
.sub-nav-trigger:checked ~ .subnav-overlay {
visibility: visible;
opacity: 1;
}
/* If someone expands mobile nav menu and then changes browser window to desktop nav (over 1000px) */
@media (min-width: 1000px) {
.nav-trigger:checked + label, .nav-trigger:checked ~ #page_wrapper, .nav-trigger:checked ~ #nav-logo, .nav-trigger:checked ~ #footer {
left: 0;
}
.sub-nav-trigger:checked ~ .sub-nav {
left: 0;
}
.desktop-hide { display: none !important; }
}
/* Mobile sub navigation styles */
.primary-link-wrapper {
width: 243px;
display: inline-block;
}
.subnav-overlay {
width:  100%;
height: 100%;
position: fixed;
top:    0;
right:  0;
bottom: 0;
left:   0;
background-color: #005f8e;
visibility: hidden;
opacity: 0;
transition: visibility 0s, opacity 0.25s linear;
}
.subnav-overlay svg {
opacity: 0.5;
margin: 10px 0 0 10px;
}
.sub-nav {
width:  100%;
height: 100%;
position: fixed;
top:    0;
right:  0;
bottom: 0;
left:   300px;
z-index: 1;
list-style: none;
background: #393d43;
}
.sub-nav li {
width: 100%;
height: auto;
}
.sub-nav li a {
display: block;
padding: 12px 20px;
color: white;
text-decoration: none;
}
.sub-nav a:hover {
background-color: #f19615;
}
.subnav-back-button {
cursor: pointer;
width: 100%;
padding: 20px;
background-color: #2d3035;
}
/* css chevron */
.subnav-back-button::before {
border-style: solid;
border-width: 3px 3px 0 0;
content: '';
display: inline-block;
height: 12px;
width:  12px;
position: relative;
vertical-align: top;
transform: rotate(-135deg);
margin-right: 30px;
}
.sub-nav h1 {
font-family: "Roboto", Helvetica, Arial, sans-serif;
text-transform: none;
font-weight: 300;
font-size: 16pt;
padding-top: 10px;
margin-top: 20px;
margin-bottom: 10px;
}
.sub-nav-trigger-label:hover svg g circle {
fill: #f19615;
}
.sub-nav-trigger-label:hover {
background-color: #393d43;
}
.sub-nav-trigger-label {
cursor: pointer;
padding: 0;
margin:  0;
text-align: center;
display: inline-block;
float: right;
width: 55px;
-webkit-transition: color 0.2s ease, background-color 0.5s ease;
-moz-transition:    color 0.2s ease, background-color 0.5s ease;
-o-transition:      color 0.2s ease, background-color 0.5s ease;
transition:         color 0.2s ease, background-color 0.5s ease;
}
@media (min-width: 1000px) {
.sub-nav-trigger-label, .sub-nav-trigger {
display: none;
}
.primary-link-wrapper {
width: auto;
display: block;
height: 100%;
}
}
/* Subnav (dropdown) styles for desktop and large mobile */
@media (min-width: 1000px) {
.sub-nav {
display:block !important;
height: 0;
top: 80px;
z-index: 5000;
padding: 0;
margin-left: -55px !important;
white-space: nowrap;
text-align: left !important;
left: auto;
right: auto;
bottom: auto;
}
#nav ul::before, #nav ul::after {
content: "";
display: table;
}
#nav ul::after {
clear: both;
}
.sub-nav li {
overflow: hidden;
text-align: left !important;
background-color: #393d43;
height: 0;
width: 230px;
-webkit-transition: height 200ms ease-in, background-color 0.3s ease;
-moz-transition:    height 200ms ease-in, background-color 0.3s ease;
-o-transition:      height 200ms ease-in, background-color 0.3s ease;
transition:         height 200ms ease-in, background-color 0.3s ease;
}
.sub-nav a {
display: inline-block;
margin-top: -4px;
padding: 10px !important;
}
.sub-nav li:hover {
background-color: #f19615;
}
.sub-nav li:hover a {
color: #212224 !important;
font-weight: 500 !important;
}
#nav ul > li:hover .sub-nav li {
height: 36px !important;
}
}
/* Mobile shelf trigger styles */
/* hides the checkboxes */
.nav-trigger, .sub-nav-trigger {
position: absolute;
clip: rect(0, 0, 0, 0);
display: block;
}
label[for="nav-trigger"] {
position: fixed;
padding: 15px 0 0 15px;
z-index: 9900;
height: 50px;
width:  100px;
cursor: pointer;
display: block;
}
.nav-item {
height: 55px;
}
@media (min-width: 1000px) {
.nav-trigger, label[for="nav-trigger"] { display: none; }
.nav-item { width: auto; border: none;}
}
.login-button {
border-radius: 2px;
background-color: #0076be;
color: #fff !important;
padding: 0 6px !important;
line-height: 1.75em;
-webkit-transition: background .5s;
transition: background .5s;
}
.login-button:hover {
background-color: #f19615 !important;
}
.login-button svg {
display: block;
float: left;
height: 15px;
width: 15px;
margin-top: -3px;
}
.login-button svg path {
fill: #9EA0A5;
-webkit-transition: fill 0.2s ease;
-moz-transition:    fill 0.2s ease;
-o-transition:      fill 0.2s ease;
transition:         fill 0.2s ease;
}
.login-button:hover svg path {
fill: #fff;
}
.display-name {
text-transform: none;
color: #fff;
}
.desktop-hide .login-button {
max-width: 280px;
padding: 12px 24px !important;
font-weight: 400 !important;
background-color: #fff;
color: #25272a !important;
text-align: center;
font-size: 1.1em !important;
}
.acct_links {
color: #fff;
font-weight: 300 !important;
font-family: 'Roboto', sans-serif;
margin: 0;
padding-top: 5px;
padding-left: 10px;
height: auto !important;
}
/*********** Footer Styles *********/
#footer {
clear: both;
min-height: 110px;
text-align: center;
color: #cfd0d4;
font-size: 10.5pt;
font-family: 'Roboto', sans-serif;
font-weight: 400;
width: 100%;
background-color: #212224;
display: block;
position: absolute;
}
.copyright{
font-size: .85em;
font-weight: 300;
padding-top: .75em;
color: #cfd0d4
}
a.copyright-underline{
box-shadow:0 1px 0 0 #ed6f09;
text-decoration:none!important;
}
#footer .footer_nav_wrapper {
margin: auto;
}
#footer ul {
margin: auto;
list-style: none;
}
#footer a {
font-family: 'Roboto', sans-serif!important;
color:#cfd0d4!important;
text-decoration:none;
}
ul.footer_nav {
text-align: center;
padding: 0 20px;
}
.footer_nav li a{
display: inline-block;
width: 195px!important;
line-height: 21px!important;
font-weight: 300;
}
@media  screen and (min-width: 992px) {
ul.footer_nav {
text-align: left;
}
}
.nopad {
margin: 0;
padding: 0;
}
ul.footer_nav li.list_col {
text-align: center;
}
ul.footer_nav li ul li {
padding: 1px 0;
}
/* styles for full width nav col with straight 1 col list of links - small mobile screens */
ul.footer_nav li ul.pad.second.last {
padding-bottom: 32px;
}
ul.footer_nav li ul.pad.first.top {
padding-top: 32px;
padding-left: 0;
}
ul.footer_nav ul {
padding-left: 0;
}
@media screen and (min-width: 450px) {
/* styles for full width nav col, 2 list cols */
ul.footer_nav li ul.pad {
padding: 32px 25px 32px 0;
}
ul.footer_nav li ul.pad.last {
padding-right: 0;
padding-left: 0;
}
ul.footer_nav li ul.pad.second {
padding-top: 0;
}
ul.footer_nav li ul.pad.first {
padding-bottom: 0;
}
ul.footer_nav li.list_col {
display: inline-block;
text-align: left;
}
}
@media screen and (min-width: 800px) {
/* styles for full width nav col, 4 list cols */
ul.footer_nav li ul.pad.first, ul.footer_nav li ul.pad.second {
padding: 32px 28px 32px 0;
}
li.nopad {
display:inline-block;
}
}
@media screen and (min-width: 1050px) {
/* styles for full width nav col, expanded 4 list cols - large screens */
ul.footer_nav li ul.pad {
padding: 32px 40px 32px 0;
}
}
#footer .footer_corporate img {
max-width: 85px;
margin-top: 20px;
}
.underline {
text-decoration: underline;
}
.footer_corporate {
padding-bottom: 15px;
border-top: 2px solid #3f4143;
line-height: 1.35em;
}
#footer h5 {
font-weight: 400;
font-size: 11pt;
text-align: center;
color: #9ea0a5;;
letter-spacing: .25pt;
}
.row {
clear: both;
}
@media  screen and (min-width: 992px) {
.connect_social ul {
text-align: right;
padding-right: 20px;
padding-bottom: 0;
}
.connect_social {
width: 25%;
display:inline-block;
}
.col-md-9 {
width:75%;
float: left;
}
#footer h5 {
padding-top: 35px;
text-align: right;
padding-right: 52px;
}
}
.connect_social ul {
text-align: center;
padding-right: 0;
padding-bottom: 7px;
padding-left: 0;
}
.connect_social ul li {
display: inline-block;
}
.connect_social ul li img {
width: 33px;
height: 33px;
margin: 5px 3px;
}
#footer .connect_social h5{
padding-right: 0;
text-align: center;
}
#footer a {
color: rgba255,255,255,.25)
cursor: pointer;
font-family: "Exo 2", sans-serif;
}
#footer a:hover {color: #f19615;}
.full-height {
height: 100%
}
#content-wrapper {
display: inline-block;
}
/*********** Sidebar Styles ************/
#sidebar-wrapper {
margin-right: 2%;
display: inline;
word-wrap: break-word;
overflow: hidden;
padding-top: 20px;
border-left: 2px solid #26282A;
}
@media (min-width: 950px) {
#sidebar-wrapper {
width: 25%;
float: right;
}
}
.sidebar h2 {
font-family: 'Exo 2', sans-serif;
font-weight: 700;
color: #3f7b9f;
text-transform: uppercase;
font-size: 11pt;
letter-spacing: 1.5pt;
}
.sidebar ul li {
font-size: 9pt;
}
.sidebar .widget {
border-bottom: 2px solid #5c656d;
margin: 0 0 1.5em;
padding: 0 0 1.5em;
}
a.post-count-link {
font-family: 'Exo 2', sans-serif;
color: #9EA0A5;
text-transform: uppercase;
letter-spacing: 1.5pt;
font-weight: 500;
}
a.post-count-link:hover {
color: #f19615;
}
.posts a {
color: #ffffff;
}
.posts a:hover {
color: #f19615;
}
.Label ul {
margin: 5px 0;
padding: 5px 10px;
list-style: none;
list-style-image: none;
max-height: 200px;
overflow: scroll;
border: 1px solid #5c656d;
}
.Label ul li {
background: none;
list-style: none;
list-style-image: none;
list-style-position: outside;
border-width: 0;
padding-left: 15px;
text-indent: -15px;
margin: .25em 0;
background-image: none;
}
.Label ul li a {
color: #ffffff;
font-family: Roboto, sans-serif;
text-transform: uppercase;
font-size: 12px;
}
.Label ul li a:hover {
color: #f19615;
}
/** zippy is the triangle expanders **/
.zippy {
color: #9EA0A5;
}
.subscribe-wrapper {
margin: 0.5em 0;
}
div.subscribe {
background-color: #5c656d;
font-size: 10pt;
font-weight: 100 !important;
color: #ffffff;
border-radius: 2px;
width: 100%;
line-height: 2em;
padding: 1px;
margin: 8px 0;
transition: background-color 0.5s ease;
}
div.subscribe:hover {
background-color: #9EA0A5;
}
div.subscribe div.top, div.subscribe div.bottom {
background-image: none !important;
width: 100%;
}
.feed-icon {
padding: 4px 10px 6px 5px;
width: 15px;
height: auto;
vertical-align: middle;
}
.subscribe-dropdown-arrow {
margin-top: 3px;
margin-left: 10px;
}
#category_list li{
list-style:none;
}
#category_list span{
margin-right: 9px;
padding-left: 18px;
white-space: nowrap;
display: inline-block;
}
#category_list button{
border: none;
border-right: 1px solid #5c656d;
background-color: #5c656d;
font-size: 10pt;
color: #ffffff;
width: auto;
text-align: left;
height: 18px;
font-size: .75em;
margin: 0px -22px;
display: inline-block;
outline: none;
text-transform: capitalize;
transition: background-color 0.5s ease;
}
#category_list a {
position: relative;
margin-left: 20px;
}
#category_list button.selected{
color: #26282A;
background: #ef6f09;
}
#category_list button.selected:hover{
background: #f19615;
}
#category_list button .feed-icon {
width: 15px;
padding: 5px 4px 5px 3px;
}
#category_list button:hover {
background-color: #9EA0A5;
}
#category_list .feed-icon {
padding: 6px 4px 7px 6px;
}
a.feed-reader-link {
color: #ffffff !important;;
}
.gsc-search-button {
background-color: #5c656d;
border-radius: 2px;
border: none;
color: #ffffff;
}
input.gsc-input {
width: 95% !important;
height: 20px;
}
form.gsc-search-box {
margin-top: 7px !important;
}
#Gadget1 h2 {
display: none;
}
#Gadget1 {
text-align: left;
}
A-content, .blog-content a {
color: #ffffff;
text-decoration: none;
}
.blog-title, .blog-title a {
font-family: 'Exo 2', sans-serif;
color: #9EA0A5;
text-transform: uppercase;
letter-spacing: 1.5pt;
font-weight: 500;
text-decoration: none;
padding-bottom: 4px;
}
.blog-title a:hover, .blog-content a:hover {
color: #f19615;
}
.blog-list-container .blog-icon {
display: none;
}
/*********** Blog Post Styles ***********/
.post-outer {
margin-bottom: 40px;
}
.date-header {
font-family: 'Exo 2', sans-serif;
font-weight: 700;
color: #9EA0A5;
text-transform: uppercase;
font-size: 9pt;
letter-spacing: 1.5pt;
padding-bottom: 5px;
}
.date-outer {padding: 0;}
.date-outer p a, .date-outer i a, .date-outer .jump-link a, .post-body > a {
color: #ffffff;
box-shadow: 0px 1px 0px 0px #F19615;
text-decoration: none;
}
.post-title, .post-title a {
font-family: 'Exo 2', sans-serif;
font-size: 19pt;
font-weight: 400;
color: #3f7b9f;
text-decoration: none;
padding-bottom: 20px;
box-shadow: none;
}
/* removing box shadows on links with images */
a < img { box-shadow: none !important;}
a[imageanchor] { box-shadow: none !important;}
h3 {
font-family: 'Exo 2', sans-serif;
font-weight: 500;
color: #3f7b9f;
font-size: 14pt;
padding-top: 20px;
line-height: 1.25em;
margin-bottom: 15px;
}
h5 {
font-family: 'Exo 2', sans-serif;
font-weight: 700;
color: #587282;
font-size: 9pt;
text-transform: uppercase;
letter-spacing: 1.5pt;
margin: 0;
padding-top: 10px;
}
pre {
font-family: 'Fira Mono', monospace;
font-size: 10pt !important;
line-height: 1.5em !important;
color: #f19615;
border: 2px solid #5c656d;
padding: 20px;
background-color: #26282a;
margin: 30px 0;
white-space: pre-wrap;       /* css-3 */
white-space: -moz-pre-wrap;  /* Mozilla, since 1999 */
white-space: -pre-wrap;      /* Opera 4-6 */
white-space: -o-pre-wrap;    /* Opera 7 */
word-wrap: break-word;
max-width: 700px;
}
.entry-content h2 {
font-family: 'Exo 2', sans-serif;
font-weight: 400;
color: #3f7b9f;
text-transform: uppercase;
font-size: 17pt;
}
h4 {
font-family: 'Exo 2', sans-serif;
font-weight: 500;
text-transform: uppercase;
color: #9EA0A5;
}
.entry-content, .post-body {
color: #FFFFFF;
font-family: 'Roboto', sans-serif;
font-weight: 300;
font-size: 11.5pt;
line-height: 1.5em !important;
}
.entry-content img {
max-width: 100%;
height: auto;
margin-top: 30px;
margin-bottom: 10px;
}
figcaption {
font-size: 10pt;
color: #ec6e08;
font-weight: 500;
margin-bottom: 30px;
text-align: left;
}
@media (min-width: 950px) {
max-width: 700px;
height: auto;
}
.post-body {
margin-top: 10px;
}
.post-body table {
}
p {
padding: .75em 0;
margin: 0;
}
.post-footer {
margin: 40px 0 15px 0;
}
.post-footer-line a, .comment-author a, .comment-timestamp a, .comment-footer a {
text-decoration: none;
box-shadow: none;
color: #f19615;
}
.post-footer-line, .comment-author, .comment-timestamp, .comment-footer {
color: #9EA0A5;
font-size: 9pt;
letter-spacing: 1.5pt;
font-family: 'Exo 2', sans-serif;
font-weight: 400;
text-transform: uppercase;
}
.post {
margin: .5em 0 1.5em;
border-bottom: 1px solid #5c656d;
padding-bottom: 1.5em;
}
#comments {
border-bottom: 1px solid #5c656d;
padding: 20px 0;
margin-bottom: 40px;
}
.comment {
border-bottom: 1px solid #5c656d;
}
#comments .blogger-comment-icon, .blogger-comment-icon {
padding: 0;
background: none;
}
.comment-author {
border-top: 1px solid #5c656d;
padding-top: 20px !important;
}
.comments .avatar-image-container {
display:none;
}
.comment-header .user, .comment-header .user a {
color: #f19615;
font-family: 'Exo 2', sans-serif;
font-weight: 500 !important;
text-transform: uppercase;
box-shadow: none;
}
.comment-header .datetime, .comment-header .datetime a {
color: #9EA0A5;
font-family: 'Exo 2', sans-serif;
font-weight: 300;
text-transform: uppercase;
box-shadow: none;
}
.comments .comment-replybox-thread {
margin-top: 40px;
}
h4 {
font-family: 'Exo 2', sans-serif;
font-weight: 500;
text-transform: uppercase;
color: #9EA0A5;
}
img.email {
width: 25px;
height: auto;
}
.blog-pager, .feed-links {
color: #9EA0A5;
font-size: 9pt;
letter-spacing: 1.5pt;
font-family: 'Exo 2', sans-serif;
font-weight: 400;
text-transform: uppercase;
}
.blog-pager a, .feed-links a {
box-shadow: none;
color: #f19615;
}
.social-media-share a {
box-border: none !important;
}
.social-media-share {
margin-top: 15px;
display: flex;
}
.social-media-share img {
width: 25px;
height: 25px;
margin-right: 15px;
}
.social-media-share span {
font-family: 'Exo 2', sans-serif;
font-weight: 500;
text-transform: uppercase;
color: #9EA0A5;
}
.social-media-share .linkedin img{
width: 30px;
height: unset;
position: relative;
top: -3px;
}
.social-call {
float: left;
padding-top: 4px;
margin-right: 15px;
}
iframe {
margin: 20px 0;
max-width: 100%;
}
/****** Search & Label Filter Results ****/
.status-msg-wrap {
width: 100%;
border-bottom: 1px solid #5c656d;
text-align: left;
padding-bottom: 10px;
margin-bottom: 20px;
}
.status-msg-body {
text-align: left;
font-family: 'Roboto', sans-serif;
font-weight: 300;
text-transform: none;
}
.status-msg-body a {
text-decoration: none;
color:  #3f7b9f;
font-weight: 500;
}
.status-msg-body b {
color:  #f19615;
}
.status-msg-bg {
background-color: transparent;
}
.status-msg-border {
border: none;
}
#uds-searchControl .gsc-results {
background-color: transparent !important;
border-bottom: 2px solid #5c656d !important;
border-top: 0 !important;
border-left: 0 !important;
border-right: 0 !important;
}
.gsc-result {
margin-bottom: 10px !important;
padding-bottom: 10px !important;
}
.gs-relativePublishedDate {
font-family: "Exo 2",sans-serif;
font-weight: 500;
font-size: 9pt;
color: #9EA0A5 !important;
text-transform: uppercase;
letter-spacing: 1.5pt;
}
#uds-searchControl .gs-result .gs-title, #uds-searchControl .gs-result .gs-title *, #uds-searchControl .gsc-results .gsc-trailing-more-results, #uds-searchControl .gsc-results .gsc-trailing-more-results * {
font-family: "Exo 2",sans-serif;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 1.5pt;
color:  #6a8596 !important;
text-decoration: none !important;
}
#uds-searchControl .gs-result .gs-title b {
color: #F19615 !important;
}
.gs-visibleUrl a.gs-visibleUrl {
color: #ffffff !important;
text-decoration: none;
box-shadow: 0px 1px 0px 0px #F19615;
line-height: 2em !important;
}
.gsc-url-bottom .gs-visibleUrl {
color: #F19615 !important;
font-weight: 700;
line-height: 2em !important;
text-decoration: underline;
}
#uds-searchControl .gsc-cursor-current-page {
color: #ffffff;
}
.gs-snippet {
padding-top: 5px !important;
}
#uds-searchControl .gsc-tabHeader.gsc-tabhActive {
background-color: #9EA0A5;
text-transform: uppercase;
font-family: "Exo 2",sans-serif;
}
#uds-searchControl .gsc-tabHeader.gsc-tabhInactive {
background-color: #5c656d;
text-transform: uppercase;
font-family: "Exo 2",sans-serif;
}
#uds-searchControl .gsc-tabHeader.gsc-tabhActive, #uds-searchControl .gsc-tabHeader.gsc-tabhInactive {
border: none !important;
border-top-left-radius: 4px;
border-top-right-radius: 4px;
font-weight: 600;
color: #212224;
padding: 3px 10px;
margin: 0 2px 0 0;
}
.gsc-tabsArea {
margin-bottom: 0 !important;
}
.gsc-above-wrapper-area {
padding: 5px 0 1px 0 !important;
border-bottom: 2px solid #9EA0A5 !important;
}
#uds-searchControl .gsc-cursor-current-page {
color: #ffffff !important;
}
.gsc-results .gsc-cursor-box .gsc-cursor-page {
text-decoration: none !important;
color: #9EA0A5 !important;
}
#uds-searchClearResults {
height: 15px !important;
width: 15px !important;
border-width: 2px !important;
}
.gsc-result-info {
color: #ffffff !important;
}
.gsc-webResult .gsc-result {
border-bottom: 1px solid #5c656d !important;
}
.gs-per-result-labels {
text-transform: uppercase;
font-family: "Exo 2",sans-serif;
font-size: 9pt;
color: #9EA0A5 !important;
font-weight: 500;
}
.gs-webResult div.gs-per-result-labels a.gs-label {
text-transform: uppercase;
font-family: "Exo 2",sans-serif;
font-size: 9pt;
color: #3f7b9f !important;
font-weight: 700;
text-decoration: none !important;
}
#Navbar1 {display:none!important;}
## Fix for lightbox preview
.CSS_LIGHTBOX {
z-index: 9999 !important;
}
#### Edits for EU Cookie Notice
.cookie-choices-info {
background-color:#5c656d !important;
}
#cookieChoiceInfo {
z-index:99999 !important;
}
.cookie-choices-info .cookie-choices-text{
color:#fff !important;
}
.cookie-choices-info .cookie-choices-button{
background-color: #ef6f09 !important;
color:#fff !important;
}
/* Styles for the Threat Roundup Posts here */
.threat-roundup-content table {
font-weight: 300;
font-family: 'Roboto', sans-serif;
font-size: 10pt;
text-align: left;
border: none;
border-collapse: collapse !important;
width: 100%;
margin-bottom: 40px;
}
.threat-roundup-content table th {
text-transform: uppercase;
font-weight: 400;
background-color: #3e4145;
color: #b9b9b9;
}
.threat-roundup-content table th, .threat-roundup-content table td {
padding: 4px 8px;
vertical-align: top;
}
.threat-roundup-content table.threats-table td {
padding-top: 8px;
padding-bottom: 8px;
line-height: 1.35em;
}
.threat-roundup-content table > tbody > tr:nth-of-type(odd) {
background-color: #2e3135;
}
hr.thin {
border-color: grey;
border-style: solid;
margin: 15px 0;
}
.screenshot-section + hr.thin {
margin-bottom: 40px;
}
.threat-roundup-content h2 {
margin: 40px 0;
}
.threat-roundup-content code {
font-family: 'Fira Mono', monospace;
color: #f19615;
font-weight: 300;
font-size: 8.75pt;
}
.threat-roundup-content td code {
word-break: break-all;
}
.threat-name-col {
color: #f19615;
font-weight: 400;
}
.text-center {
text-align: center;
}
.code {
background-color: #26282a;
color: #f19615;
border: 2px solid #5c656d;
padding: 20px;
margin: 10px 0 40px 0;
}
.code code {
line-height: 1.65;
}
.threat-table-note {
font-size: 9pt;
margin-top: -36px;
margin-bottom: 36px;
}
.coverage-check img {
width: 20px;
height: auto;
margin: -3px 0 !important;
}
.coverage-na {
font-style: italic;
}
.threat-coverage-table {
margin: auto;
max-width: 400px;
}
table.threat-coverage-table td, table.threat-coverage-table th {
padding: 6px 20px;
}
.screenshot-section h4 {
color: #f19615;
font-weight: 400;
margin-bottom: 8px;
}
.screenshot-section img {
margin: 0 auto 40px auto;
}
.amp-section img {
max-width: 350px;
}
table.exploit-prev-table {
margin-top: 40px;
}
table.exploit-prev-table td {
font-size: 8.75pt;
line-height: 1.5em;
padding: 8px 8px 16px 8px;
}
table.exploit-prev-table td.detection-col {
font-size: 9.5pt;
padding: 4px 8px;
}
.detection-col .threat-name-col {
font-weight: 500;
}
.button-link {
box-shadow: none !important;
}
.blog-podcast-button {
border-radius: 2px;
color: #fff;
border: none;
background-color: #5c656d;
line-height: 2em;
padding: 4px 16px 4px 12px;
margin-bottom: 20px;
margin-top: 10px;
}
.blog-podcast-button img {
width: 20px;
height: 20px;
margin: 0;
float: left;
padding-right: 4px;
padding-top: 3px;
}

--></style>
<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&amp;zx=1c47cbfd-ad70-4608-bf07-3201299944bc' media='none' onload='if(media!=&#39;all&#39;)media=&#39;all&#39;' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&amp;zx=1c47cbfd-ad70-4608-bf07-3201299944bc' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script type="text/javascript" language="javascript">
  // Supply ads personalization default for EEA readers
  // See https://www.blogger.com/go/adspersonalization
  adsbygoogle = window.adsbygoogle || [];
  if (typeof adsbygoogle.requestNonPersonalizedAds === 'undefined') {
    adsbygoogle.requestNonPersonalizedAds = 1;
  }
</script>


</head>
<body>
<div class='no-items section' id='header'></div>
<!-- Begin Navigation -->
<nav id='nav'>
<!-- Top navigation section: Account links / sign in -->
<div id='top-nav-bar'>
<ul class='top-nav-links-wrapper'>
<li>
</li>
</ul>
</div>
<!-- Main Navigation -->
<div id='navigation'>
<div id='mobile-nav-topper'>
<a href='https://www.talosintelligence.com'>
<!-- TALOS MOBILE ICON 'O' -->
<svg height='55px' viewBox='0 0 55 55' width='55px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g>
<g class='mobile-nav-home'>
<path clip-rule='evenodd' d='M45.201,12.343c0.378,0.48,0.758,0.925,1.096,1.401    c2.975,4.207,4.543,8.876,4.494,14.044c-0.05,5.452-1.643,10.386-5.186,14.593c-3.484,4.133-7.929,6.73-13.182,7.895    c-6.313,1.398-12.216,0.275-17.695-3.131c-0.441-0.273-0.847-0.6-1.266-0.904c-0.11-0.078-0.208-0.174-0.337-0.287    c0.127-0.141,0.246-0.27,0.366-0.398c0.887-0.949,1.765-1.904,2.663-2.844c0.114-0.119,0.321-0.217,0.485-0.217    c3.658-0.006,7.318,0,10.975,0.008c3.458,0.006,6.913,0.02,10.369,0.02c0.957,0,1.871-0.193,2.62-0.844    c0.797-0.693,1.157-1.596,1.157-2.643c0.001-7.533,0.003-15.067-0.005-22.601c-0.002-0.309,0.088-0.524,0.3-0.743    C43.098,14.598,44.127,13.49,45.201,12.343' fill='#FFFFFF' fill-rule='evenodd'></path>
<path clip-rule='evenodd' d='M41.402,8.822c-0.99,1.027-1.994,2.021-2.935,3.072    c-0.312,0.35-0.616,0.416-1.036,0.415c-6.98-0.009-13.957-0.007-20.938-0.007c-2.039,0-3.561,1.514-3.561,3.557    c0,6.504,0.002,13.008,0.006,19.512c0.002,0.973,0.011,1.943,0.004,2.914c0,0.133-0.04,0.301-0.127,0.393    c-1.069,1.162-2.15,2.314-3.229,3.469c-0.021,0.023-0.052,0.039-0.109,0.08c-0.159-0.188-0.323-0.369-0.471-0.562    c-2.535-3.348-4.119-7.102-4.605-11.268c-0.61-5.229,0.194-10.229,2.835-14.839c2.669-4.664,6.655-7.805,11.618-9.75    c3.205-1.257,6.533-1.852,9.977-1.621c4.478,0.298,8.553,1.754,12.227,4.325c0.101,0.072,0.197,0.151,0.291,0.229    C41.364,8.755,41.374,8.778,41.402,8.822' fill='#FFFFFF' fill-rule='evenodd'></path>
<path clip-rule='evenodd' d='M39.799,12.47c0.873-0.911,1.749-1.829,2.676-2.797    c0.605,0.564,1.195,1.112,1.816,1.691c-0.941,0.985-1.817,1.903-2.703,2.83c-0.276-0.339-0.511-0.688-0.807-0.975    C40.492,12.941,40.145,12.728,39.799,12.47' fill='#FFFFFF' fill-rule='evenodd'></path>
<path clip-rule='evenodd' d='M10.35,43.279c0.969-1.016,1.885-1.977,2.76-2.893    c0.213,0.369,0.376,0.762,0.639,1.072c0.265,0.312,0.627,0.539,0.98,0.832c-0.853,0.891-1.713,1.791-2.624,2.746    C11.513,44.445,10.939,43.869,10.35,43.279' fill='#FFFFFF' fill-rule='evenodd'></path>
</g>
</g>
</svg>
<!-- END ICON -->
</a>
</div>
<!-- Cisco | Talos logos -->
<div class='navigation-logos-wrapper'>
<div id='cisco-logo-wrapper'></div>
<div id='talos-logo-wrapper'>
<a href='https://www.talosintelligence.com'>
<!-- TALOS LOGO -->
<!-- Generator: Adobe Illustrator 26.0.2, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg id='Layer_1' style='enable-background:new 0 0 3361.3 912.4;' version='1.1' viewBox='0 0 3361.3 912.4' x='0px' xml:space='preserve' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' y='0px'>
<style type='text/css'>
	.st0{display:none;}
	.ukraine_yellow{fill:#FCB83D;}
	.ukraine_blue{fill:#006DB6;}
</style>
<g class='st0' id='scaffold'>
</g>
<g>
<path class='ukraine_yellow' d='M1342.8,795.4c-0.1-20.7-0.2-41.3-0.2-62c-0.1-62.8-0.3-125.6-0.3-188.5c0-29.8-0.1-59.7-0.1-89.5h-97.5   c0,53.5-0.2,106.9-0.7,160.4c-0.1,10-1.4,20.4-4.1,30c-8.3,29.8-25.9,51.8-56.5,60.6c-10.4,3-21.6,4.3-32.5,4.4   c-63.5,0.4-127,0.2-190.5,0.2c-5.8,0-11.7,0.2-17.5,0.7c-39.7,3.1-70.5-18.3-80.8-56.7c-8.2-30.7-4-60.6,8-89.4   c15.4-36.8,40.5-64.3,78.6-78.4c17.8-6.6,36.3-7.1,55.1-7c72.3,0.3,144.6,0,217,0c1.8,0,3.5,0,5.1,0c0-8.3,0-16.6,0-24.9H836.4   c-26.4,28-46,61.3-60,98.4c-15.9,42-16.3,86-8.5,130.1c4.3,24.7,13,47.5,29.9,66.6c28.1,31.8,64.5,46.6,106,48.6   c29.4,1.4,59,1.2,88.4,1.1c61-0.1,121.9,0,182.9-1.2c34-0.7,65.4-10,90.5-35.2c21.3,18.3,46.2,29.1,73.2,36.8h4   C1342.8,798.5,1342.8,797,1342.8,795.4z'></path>
<path class='ukraine_yellow' d='M465.1,793.9c0-112.8,0-225.6,0-338.4H359.4c0,81.4,0,162.7,0,244.1c0,25.8,7,49,25.5,67.9   c15.5,15.9,34.9,24.8,56.2,29.6c6.9,1.6,14,2.4,21.5,3.6h2.5C465.1,797.7,465.1,795.8,465.1,793.9z'></path>
<path class='ukraine_yellow' d='M2896.8,494.3c76.3,0.9,152.6,0.3,229,0.3c3.5,0,7,0.1,10.5,0.3c24,1.3,39.4,17.8,39.6,42.1   c0.2,27.5,0.8,55,0.9,82.5c0.1,13,0.6,26.1-1.1,38.9c-3.4,25.2-25.5,43.4-50.8,43.5c-47.7,0.1-95.3,0.2-143,0.2   c-55.5,0-111,0.1-166.5-0.1c-7.5,0-13.9,1.6-20.3,5.3c-34.2,19.6-61.1,45.9-76.7,82.7c-1.4,3.4-2.4,6.9-3.7,10.9h427.6   c5.5-0.2,11-0.7,16.4-1.4c70-9.3,107.2-69.5,112.1-115.8c1.4-13.2,0.4-26.6,0.4-39.9c-0.1-39.5-0.2-79-0.4-118.5   c-0.1-17.5-2.6-34.7-10.5-50.4c-3.5-6.9-7.3-13.3-11.5-19.1h-444.5C2828.2,482.4,2860.4,493.8,2896.8,494.3z'></path>
<polygon class='ukraine_yellow' points='3251.7,800.6 3251.7,776.9 3260.5,776.9 3260.5,771.4 3235.9,771.4 3235.9,776.9 3244.5,776.9    3244.5,800.6  '></polygon>
<polygon class='ukraine_yellow' points='3279.4,791.9 3272.8,771.4 3263.5,771.4 3263.5,800.6 3270.6,800.6 3270.6,794 3269.9,779.9    3277,800.6 3281.8,800.6 3288.9,779.9 3288.2,794 3288.2,800.6 3295.3,800.6 3295.3,771.4 3285.9,771.4  '></polygon>
<path class='ukraine_yellow' d='M2403.3,792.4c77.5-17.2,143.1-55.5,194.5-116.5c52.3-62.1,75.8-134.9,76.5-215.3c0-1.7,0-3.4,0-5.1h-133.2   c0,57,0,114.1,0,171.1c0,15.4-5.3,28.8-17.1,39c-11,9.6-24.5,12.4-38.6,12.4c-51,0-102-0.2-153-0.3c-54-0.1-108-0.2-162-0.1   c-2.4,0-5.5,1.4-7.2,3.2c-13.2,13.9-26.2,28-39.3,42c-1.8,1.9-3.5,3.8-5.4,5.9c1.9,1.7,3.4,3.1,5,4.2c6.2,4.5,12.2,9.3,18.7,13.3   c53,33,108.8,51.5,167.2,54.4h33.7C2362.9,799.7,2383,796.9,2403.3,792.4z'></path>
<path class='ukraine_yellow' d='M2118.4,646.5c-12.9,13.5-26.4,27.7-40.7,42.7c8.7,8.7,17.2,17.2,25.9,25.9c13.5-14.1,26.1-27.4,38.7-40.5   c-5.2-4.3-10.5-7.7-14.4-12.3C2123.9,657.7,2121.5,651.9,2118.4,646.5z'></path>
<path class='ukraine_yellow' d='M1584.6,455.5h-106.8c0,81.9,0,163.7,0,245.6c0,6.8,0.4,13.7,1.3,20.4c5.9,46.5,42.1,78.6,88.5,78.6   c144.6,0,289.3,0,433.9,0c1.7,0,3.5,0,5.5,0c-0.9-15.3-4.1-29.2-9.2-42.6c-14-36.3-41.2-60.8-86.9-60.5   c-94.1,0.5-188.3,0-282.4-0.1c-22.3,0-34-8.9-39.7-30.3c-4.7-17.6-4.2-35.6-4.2-53.6C1584.6,560.5,1584.6,508,1584.6,455.5z'></path>
<path class='ukraine_yellow' d='M1989.8,499.1c7.2,61.5,30.6,116.9,68,166.3c2.2,2.9,4.6,5.5,6.9,8.3c0.9-0.6,1.3-0.8,1.6-1.2   c15.9-17,31.9-34,47.7-51.2c1.3-1.4,1.8-3.8,1.9-5.8c0.1-14.3,0-28.7,0-43c0-39,0-78-0.1-117H1987   C1987.2,469.9,1988.1,484.4,1989.8,499.1z'></path>
</g>
<g>
<path class='ukraine_blue' d='M2804.2,455.5h444.5c-23.8-33-58.9-48.6-100.8-49.9c-68.6-2.2-137.3-1-205.9-1.2c-13.7-0.1-27.3,0-41-0.3   c-11.6-0.3-21.4-4.7-28.1-14.6c-5.6-8.4-8.8-17.5-8.1-27.8c2.7-39.9,5.2-79.8,8.2-119.7c1.1-14.5,7.2-27,18.5-36.5   c12.5-10.4,27.4-13.2,43-13.2c87.2,0,174.3-0.3,261.5,0.3c13.8,0.1,24.9-3.9,35.3-12c0.9-0.7,1.9-1.4,2.8-2.1   c20.6-16.7,32.5-37.9,33.8-65.4c-2,0-3.3,0-4.6,0c-62-0.2-124-0.5-185.9-0.8c-42.7-0.2-85.3-0.5-128-0.5c-17.3,0-34.8-0.3-51.9,1.7   c-40.6,4.7-73.8,23-96.5,57.8c-10.8,16.6-19.1,34.5-20.3,54.6c-2.8,44.9-5,89.8-7.7,134.7c-1.8,30.8,5.1,59.4,23.1,84.6   C2798.6,448.9,2801.4,452.3,2804.2,455.5z'></path>
<path class='ukraine_blue' d='M1226,455.5c0-22.1,0-44,0-66c-2.6,0-4.7,0-6.8,0c-81,0-162,0.1-243,0c-33.4,0-64.3,8.6-92.3,26.6   c-17.9,11.5-33.6,24.7-47.5,39.4H1226z'></path>
<path class='ukraine_blue' d='M1584.6,455.5c0-81.1,0-162.2-0.1-243.4c0-24.5-7.6-46.3-25.1-63.9c-22.3-22.3-50.3-31.4-81.7-34.8   c0,3,0,5.2,0,7.3c0,111.6,0,223.1,0,334.7H1584.6z'></path>
<path class='ukraine_blue' d='M184.3,197.1c17.7,1.4,35.6,0.9,53.4,1c29,0.1,58,0,87,0c9,0,17.3,2.5,23.3,9.6c7.3,8.6,11.4,18.4,11.4,30.1   c-0.1,72.6-0.1,145.2-0.1,217.8h105.7c0-71.5,0-143,0-214.5c0-4,0.3-8,1.2-11.9c4.1-18.4,17.1-30.5,33.9-30.7   c25.3-0.2,50.6,0.4,76,0.4c21.5,0,43.1,1.1,64.4-0.8c44.5-3.9,75.5-27.3,91.8-69.2c2.2-5.7,3.5-11.7,5.4-18   c-216.3,0-431.7,0-647.9,0c0.4,2.7,0.6,5,1.1,7.3C100.4,162.1,137,193.5,184.3,197.1z'></path>
<path class='ukraine_blue' d='M2541,293.1c0.1,54.1,0.1,108.2,0.1,162.4h133.2c-0.3-74.2-23.4-141.4-66.3-202.1c-5-7-10.6-13.6-16.1-20.7   c-15.9,16.9-31,33.3-46.4,49.4C2542.4,285.4,2541,288.6,2541,293.1z'></path>
<path class='ukraine_blue' d='M2115.8,455.5c0-57,0-113.9,0-170.9c0-30.1,22.5-52.5,52.5-52.5c103,0,205.9,0,308.9,0.1   c6.2,0,10.7-1,15.3-6.1c13.9-15.5,28.7-30.2,43.3-45.3c-0.4-0.7-0.5-1-0.8-1.2c-1.4-1.2-2.8-2.3-4.3-3.4   c-54.2-37.9-114.3-59.4-180.4-63.8c-50.8-3.4-99.9,5.4-147.2,23.9c-73.2,28.7-132,75.1-171.4,143.9   c-31.5,55.1-45.3,113.9-44.7,175.3H2115.8z'></path>
<path class='ukraine_blue' d='M2526.7,245.7c4.4,4.2,7.8,9.4,11.9,14.4c13.1-13.7,26-27.2,39.9-41.8c-9.2-8.5-17.8-16.6-26.8-25   c-13.7,14.3-26.6,27.8-39.5,41.3C2517.2,238.4,2522.4,241.6,2526.7,245.7z'></path>
<path class='ukraine_blue' d='M894.7,191.4c2.1,1.1,4.7,1.5,7.1,1.6c14.2,0.1,28.3,0.1,42.5,0.1c60-0.2,120-0.2,179.9-0.6   c19.7-0.1,38.8,1.8,57.1,9.8c39.5,17.4,62,46.6,62.5,90.8c0.5,46.3,0.8,92.6,0.8,138.9c0,7.8,0,15.7,0,23.5h97.5   c0-50.8-0.1-101.6-0.3-152.4c-0.1-14.5-1-29-3-43.3c-4.6-34.3-17.3-65.2-42-90.3c-22.6-22.9-50.6-36.4-81.1-45.2   c-34.4-9.9-69.7-13.4-105.2-13.6c-34-0.2-68,0.8-101.9,0.9c-53.8,0.2-107.6,0-161.5,0c-1.9,0-3.9,0-5.8,0c-0.2,1.2-0.3,1.7-0.3,2.1   C846.2,148.4,863.4,174.9,894.7,191.4z'></path>
</g>
</svg>
<!-- END TALOS LOGO -->
</a>
</div>
</div>
<!-- Main Site Navigation Links -->
<div class='navigation-links-wrapper'>
<ul class='main-nav-list'>
<!-- Sofware -->
<li class='nav-item '>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://www.talosintelligence.com/software'>
<!-- SOFTWARE ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='tools-icon'>
<path d='M24.7-0.062H1.3C0.583-0.062,0,0.521,0,1.241v17.393c0,0.721,0.583,1.304,1.3,1.304h23.4   c0.719,0,1.3-0.583,1.3-1.304V1.241C26,0.521,25.419-0.062,24.7-0.062z M23.604,13.027c-0.063,0.058-0.151,0.077-0.232,0.052   L20.2,12.104c-0.024-0.008-0.052,0.007-0.06,0.032l-0.806,2.62c-0.008,0.025,0.006,0.048,0.023,0.057l3.201,0.984   c0.08,0.024,0.142,0.091,0.161,0.172c0.02,0.082-0.006,0.169-0.067,0.227c-1.106,1.063-2.77,1.309-4.137,0.609   c-1.207-0.616-1.918-1.825-1.961-3.093L7.858,9.268C6.806,9.976,5.41,10.107,4.202,9.49C3.249,9.002,2.564,8.124,2.328,7.076   C2.309,6.994,2.335,6.907,2.398,6.85c0.062-0.058,0.149-0.078,0.231-0.053l3.172,0.975c0.025,0.008,0.052-0.006,0.06-0.032   l0.805-2.621C6.673,5.094,6.66,5.071,6.642,5.063L3.441,4.078C3.361,4.053,3.3,3.988,3.28,3.906   C3.26,3.824,3.286,3.737,3.347,3.679c1.108-1.063,2.77-1.308,4.138-0.609c1.207,0.618,1.918,1.826,1.961,3.093l8.697,4.445   c1.053-0.708,2.448-0.84,3.655-0.223c0.955,0.488,1.638,1.367,1.876,2.414C23.692,12.883,23.665,12.969,23.604,13.027z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Software</span>
</a>
</div>
</li>
<!-- Vulnerability Information -->
<li class='nav-item '>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://www.talosintelligence.com/vulnerability_info'>
<!-- VULNERABILITY INFO ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='vuln-icon'>
<path d='M24.256,18.49L13.872,0.503C13.692,0.192,13.36,0,13,0c-0.359,0-0.692,0.192-0.872,0.503L1.744,18.49  c-0.18,0.312-0.18,0.695,0,1.006C1.924,19.809,2.257,20,2.616,20h20.769c0.359,0,0.691-0.191,0.871-0.504  C24.436,19.186,24.436,18.803,24.256,18.49 M14.268,18.215h-2.533v-1.85h2.533V18.215z M14.268,15.441h-2.533L10.89,6.515h4.222  L14.268,15.441z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Vulnerability<span class='break'><br/></span> Information</span>
</a>
</div>
<input class='sub-nav-trigger' id='vuln-sub-trigger' type='checkbox'/>
<label class='sub-nav-trigger-label' for='vuln-sub-trigger'>
<!-- SUBNAVIGATION ICON -->
<svg height='47.75px' viewBox='0 0 48.167 47.75' width='48.167px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<circle cx='24.083' cy='23.875' fill='none' opacity='0.4' r='22' stroke='#FFFFFF' stroke-miterlimit='10'></circle>
<g>
<circle cx='24.083' cy='16.068' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='23.875' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='31.682' fill='#FFFFFF' r='2.496'></circle>
</g>
</svg>
<!-- END ICON -->
</label>
<ul class='sub-nav'>
<li class='desktop-hide'>
<a href='https://www.talosintelligence.com/vulnerability_info'>
<h1>Vulnerability Information</h1>
</a>
</li>
<li class='desktop-hide'><label class='subnav-back-button' for='vuln-sub-trigger'>BACK</label></li>
<li><a href='https://www.talosintelligence.com/vulnerability_reports'>Vulnerability Reports</a></li>
<li><a href='https://www.talosintelligence.com/ms_advisories'>Microsoft Advisories</a></li>
</ul>
<div class='desktop-hide subnav-overlay'>
<!-- VULNERABILITY INFO ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='vuln-icon'>
<path d='M24.256,18.49L13.872,0.503C13.692,0.192,13.36,0,13,0c-0.359,0-0.692,0.192-0.872,0.503L1.744,18.49  c-0.18,0.312-0.18,0.695,0,1.006C1.924,19.809,2.257,20,2.616,20h20.769c0.359,0,0.691-0.191,0.871-0.504  C24.436,19.186,24.436,18.803,24.256,18.49 M14.268,18.215h-2.533v-1.85h2.533V18.215z M14.268,15.441h-2.533L10.89,6.515h4.222  L14.268,15.441z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
</div>
</li>
<!-- Reputation Center -->
<li class='nav-item '>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://www.talosintelligence.com/reputation'>
<!-- REPUTATION CENTER ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='center-icon'>
<path d='M24.7,0H1.3C0.582,0,0,0.585,0,1.308v17.384C0,19.415,0.582,20,1.3,20h23.4c0.718,0,1.3-0.585,1.3-1.308   V1.308C26,0.585,25.418,0,24.7,0z M21.75,10.5h-1.9c-0.246,3.392-2.958,6.104-6.35,6.35v1.9h-1v-1.9   c-3.392-0.246-6.104-2.958-6.35-6.35h-1.9v-1h1.9c0.246-3.392,2.958-6.104,6.35-6.35v-1.9h1v1.9c3.392,0.246,6.104,2.958,6.35,6.35   h1.9V10.5z' fill='#9EA0A5'></path>
<path d='M18.85,9.5c-0.241-2.84-2.509-5.108-5.35-5.35v2.184h-1V4.15C9.66,4.392,7.392,6.66,7.15,9.5h2.184v1H7.15   c0.241,2.841,2.509,5.108,5.35,5.35v-2.184h1v2.184c2.841-0.241,5.108-2.509,5.35-5.35h-2.184v-1H18.85z M13,11.984   c-1.096,0-1.984-0.888-1.984-1.984c0-1.096,0.888-1.984,1.984-1.984c1.097,0,1.984,0.888,1.984,1.984   C14.984,11.097,14.097,11.984,13,11.984z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Reputation<span class='break'><br/></span> Center</span>
</a>
</div>
<input class='sub-nav-trigger' id='reputation-sub-trigger' type='checkbox'/>
<label class='sub-nav-trigger-label' for='reputation-sub-trigger'>
<!-- SUBNAVIGATION ICON -->
<svg height='47.75px' viewBox='0 0 48.167 47.75' width='48.167px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<circle cx='24.083' cy='23.875' fill='none' opacity='0.4' r='22' stroke='#FFFFFF' stroke-miterlimit='10'></circle>
<g>
<circle cx='24.083' cy='16.068' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='23.875' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='31.682' fill='#FFFFFF' r='2.496'></circle>
</g>
</svg>
<!-- END ICON -->
</label>
<ul class='sub-nav'>
<li class='desktop-hide'>
<a href='https://www.talosintelligence.com/reputation'>
<h1>Reputation Center</h1>
</a>
</li>
<li class='desktop-hide'><label class='subnav-back-button' for='reputation-sub-trigger'>BACK</label></li>
<li><a data-method='get' href='https://www.talosintelligence.com/reputation_center'>IP & Domain Reputation</a></li>
<li><a href='https://www.talosintelligence.com/talos_file_reputation'>Talos File Reputation</a></li>
<li><a href='https://www.talosintelligence.com/support'>Reputation Support</a></li>
<li><a href='https://www.talosintelligence.com/secure-endpoint-naming'>Secure Endpoint Naming Conventions</a></li>
<li><a href='https://www.talosintelligence.com/categories'>Intelligence Categories</a></li>
</ul>
<div class='desktop-hide subnav-overlay'>
<!-- REPUTATION CENTER ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='center-icon'>
<path d='M24.7,0H1.3C0.582,0,0,0.585,0,1.308v17.384C0,19.415,0.582,20,1.3,20h23.4c0.718,0,1.3-0.585,1.3-1.308   V1.308C26,0.585,25.418,0,24.7,0z M21.75,10.5h-1.9c-0.246,3.392-2.958,6.104-6.35,6.35v1.9h-1v-1.9   c-3.392-0.246-6.104-2.958-6.35-6.35h-1.9v-1h1.9c0.246-3.392,2.958-6.104,6.35-6.35v-1.9h1v1.9c3.392,0.246,6.104,2.958,6.35,6.35   h1.9V10.5z' fill='#9EA0A5'></path>
<path d='M18.85,9.5c-0.241-2.84-2.509-5.108-5.35-5.35v2.184h-1V4.15C9.66,4.392,7.392,6.66,7.15,9.5h2.184v1H7.15   c0.241,2.841,2.509,5.108,5.35,5.35v-2.184h1v2.184c2.841-0.241,5.108-2.509,5.35-5.35h-2.184v-1H18.85z M13,11.984   c-1.096,0-1.984-0.888-1.984-1.984c0-1.096,0.888-1.984,1.984-1.984c1.097,0,1.984,0.888,1.984,1.984   C14.984,11.097,14.097,11.984,13,11.984z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
</div>
</li>
<!-- Library -->
<li class='nav-item '>
<a class='primary_nav_link' href='https://www.talosintelligence.com/resources'>
<!-- LIBRARY ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='library-icon'>
<g>
<rect fill='#9EA0A5' height='0.882' width='5.438' x='7.389' y='9.446'></rect>
<rect fill='#9EA0A5' height='0.883' width='5.438' x='7.389' y='13.887'></rect>
<rect fill='#9EA0A5' height='0.882' width='5.438' x='7.389' y='7.226'></rect>
<rect fill='#9EA0A5' height='0.883' width='5.438' x='7.389' y='11.666'></rect>
<path d='M24.7,0H1.3C0.583,0,0,0.56,0,1.25v17.499C0,19.44,0.583,20,1.3,20h23.4c0.719,0,1.3-0.56,1.3-1.251V1.25    C26,0.56,25.419,0,24.7,0z M14.32,15.852c0,0.275-0.222,0.498-0.498,0.498H6.665c-0.274,0-0.497-0.223-0.497-0.498V6.144    c0-0.276,0.222-0.499,0.497-0.499h7.157c0.276,0,0.498,0.223,0.498,0.499V15.852z M19.832,13.564c0,0.273-0.222,0.496-0.497,0.496    h-3.768v-1.578h2.771V11.6h-2.771v-1.339h2.771V9.38h-2.771V8.041h2.771V7.159h-2.771V6.144c0-0.111-0.01-0.219-0.03-0.325h2.802    V4.938h-3.257c-0.318-0.332-0.764-0.54-1.26-0.54H11.68V3.856c0-0.275,0.222-0.499,0.498-0.499h7.158    c0.275,0,0.497,0.224,0.497,0.499V13.564z' fill='#9EA0A5'></path>
</g>
</g>
</svg>
<!-- END ICON -->
<span>Library</span>
</a>
</li>
<!-- Support -->
<li class='nav-item'>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://www.talosintelligence.com/community'>
<!-- SUPPORT ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='community-icon'>
<g>
<path d='M24.7-0.062H1.3C0.582-0.062,0,0.521,0,1.241v17.393c0,0.72,0.582,1.304,1.3,1.304h23.4    c0.718,0,1.3-0.584,1.3-1.304V1.241C26,0.521,25.418-0.062,24.7-0.062z M18.911,12.189c0,1.98-5.911,5.461-5.911,5.461    s-5.911-3.208-5.911-5.461c0-2.251,0-8.189,0-8.189L13,2.361L18.911,4C18.911,4,18.911,10.21,18.911,12.189z' fill='#9EA0A5'></path>
<polygon fill='#9EA0A5' points='9.671,8.763 8.275,10.16 11.77,13.655 13.166,12.259 17.726,7.699 16.384,6.357 11.824,10.917       '></polygon>
</g>
</g>
</svg>
<!-- END ICON -->
<span>Support</span>
</a>
</div>
<input class='sub-nav-trigger' id='community-sub-trigger' type='checkbox'/>
<label class='sub-nav-trigger-label' for='community-sub-trigger'>
<!-- SUBNAVIGATION ICON -->
<svg height='47.75px' viewBox='0 0 48.167 47.75' width='48.167px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<circle cx='24.083' cy='23.875' fill='none' opacity='0.4' r='22' stroke='#FFFFFF' stroke-miterlimit='10'></circle>
<g>
<circle cx='24.083' cy='16.068' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='23.875' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='31.682' fill='#FFFFFF' r='2.496'></circle>
</g>
</svg>
<!-- END ICON -->
</label>
<ul class='sub-nav'>
<li class='desktop-hide'>
<a href='https://www.talosintelligence.com/community'>
<h1>Support Communities</h1>
</a>
</li>
<li class='desktop-hide'><label class='subnav-back-button' for='community-sub-trigger'>BACK</label></li>
<li>
<a href='https://www.talosintelligence.com/reputation_center/support#reputation_center_support_ticket'>Reputation Center Support</a>
</li>
<li><a href='https://snort.org/community' target='_blank'>Snort Community</a></li>
<li><a href='https://www.clamav.net/contact.html#ml' target='_blank'>ClamAV Community</a></li>
<li><a href='https://www.spamcop.net/' target='_blank'>SpamCop</a></li>
</ul>
<div class='desktop-hide subnav-overlay'>
<!-- SUPPORT ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='community-icon'>
<g>
<path d='M24.7-0.062H1.3C0.582-0.062,0,0.521,0,1.241v17.393c0,0.72,0.582,1.304,1.3,1.304h23.4    c0.718,0,1.3-0.584,1.3-1.304V1.241C26,0.521,25.418-0.062,24.7-0.062z M18.911,12.189c0,1.98-5.911,5.461-5.911,5.461    s-5.911-3.208-5.911-5.461c0-2.251,0-8.189,0-8.189L13,2.361L18.911,4C18.911,4,18.911,10.21,18.911,12.189z' fill='#9EA0A5'></path>
<polygon fill='#9EA0A5' points='9.671,8.763 8.275,10.16 11.77,13.655 13.166,12.259 17.726,7.699 16.384,6.357 11.824,10.917       '></polygon>
</g>
</g>
</svg>
<!-- END ICON -->
</div>
</li>
<!-- Incident Response -->
<li class='nav-item '>
<a class='primary_nav_link' href='https://www.talosintelligence.com/incident_response'>
<!-- INCIDENT RESPONSE ICON -->
<svg height='20px' id='Layer_1' version='1.1' viewBox='0 0 26 20' width='26px' xml:space='preserve' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink'>
<g class='nav-icon' id='nav-ir-icon'>
<path d='M24.7,0H1.3C0.6,0,0,0.6,0,1.2v17.5C0,19.4,0.6,20,1.3,20h23.4c0.7,0,1.3-0.6,1.3-1.3V1.2   C26,0.6,25.5,0,24.7,0z M7.9,8.9c0-2.9,2.3-5.2,5.1-5.2s5.1,2.3,5.1,5.2v3.5H7.9V8.9z M20.2,15.8c0,0.3-0.2,0.5-0.5,0.5H6.4   c-0.3,0-0.5-0.2-0.5-0.5v-2.1c0-0.3,0.2-0.5,0.5-0.5h13.2c0.3,0,0.5,0.2,0.5,0.5V15.8z' fill='#9EA0A5'></path>
<path d='M13,5.2L13,5.2c-1.8,0-3.6,1.4-3.6,3.3c0,0.1,0,0.2,0.1,0.3c0.1,0.1,0.2,0.1,0.3,0.1s0.2,0,0.3-0.1   c0.1-0.1,0.1-0.2,0.1-0.3c0-1.3,1.4-2.4,2.7-2.4c0.1,0,0.2,0,0.3-0.1c0.1-0.1,0.1-0.2,0.1-0.3s0-0.2-0.1-0.3   C13.3,5.3,13.2,5.2,13,5.2z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Incident Response</span>
</a>
</li>
<!-- Careers -->
<li class='nav-item '>
<a class='primary_nav_link' href='https://www.talosintelligence.com/careers'>
<!-- CAREERS ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='career-icon'>
<path d='M24.7,0H1.3C0.582,0,0,0.559,0,1.25v17.499C0,19.44,0.582,20,1.3,20h23.4c0.719,0,1.3-0.56,1.3-1.251V1.25   C26,0.559,25.419,0,24.7,0z M4.047,13.736c-0.21-1.287-0.46-3.002-0.41-3.657c0.052-0.687,0.645-1.194,1.76-1.51   c0.278-0.08,0.562-0.139,0.815-0.184l0.104-0.554C5.774,7.357,5.404,6.46,5.404,5.68c0-1.124,0.767-2.037,1.713-2.037   c0.946,0,1.713,0.913,1.713,2.037c0,0.781-0.371,1.677-0.914,2.152l0.104,0.554C8.275,8.431,8.558,8.49,8.837,8.57   c0.427,0.121,0.777,0.27,1.05,0.447c-0.811,0.26-1.462,0.597-1.938,1.004c-0.606,0.52-0.956,1.182-1.012,1.913   c-0.029,0.385-0.002,0.988,0.08,1.803H4.047z M17.618,17.5H8.383c-0.317-1.938-0.692-4.516-0.617-5.502   c0.079-1.031,0.97-1.796,2.648-2.272c0.418-0.118,0.845-0.209,1.227-0.276l0.156-0.833c-0.817-0.715-1.373-2.062-1.373-3.238   c0-1.691,1.153-3.063,2.576-3.063c1.424,0,2.577,1.372,2.577,3.063c0,1.176-0.556,2.524-1.374,3.238L14.36,9.45   c0.382,0.067,0.808,0.158,1.227,0.276c1.679,0.476,2.569,1.241,2.648,2.272C18.311,12.984,17.937,15.562,17.618,17.5z    M21.953,13.736h-2.969c0.082-0.814,0.109-1.418,0.081-1.803c-0.057-0.73-0.406-1.393-1.013-1.913   c-0.476-0.407-1.127-0.745-1.938-1.004c0.272-0.177,0.623-0.326,1.05-0.447c0.279-0.08,0.562-0.139,0.816-0.184l0.104-0.554   c-0.542-0.475-0.913-1.372-0.913-2.152c0-1.124,0.767-2.037,1.713-2.037s1.713,0.913,1.713,2.037c0,0.781-0.369,1.677-0.912,2.152   l0.104,0.554c0.254,0.045,0.537,0.104,0.815,0.184c1.116,0.316,1.708,0.823,1.761,1.51C22.413,10.734,22.164,12.449,21.953,13.736z   ' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Careers</span>
</a>
</li>
<!-- Blog -->
<li class='nav-item active'>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://blog.talosintelligence.com/' id='link_blog'>
<!-- BLOG ICON -->
<svg height='22.25px' viewBox='0 0 26 22.25' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='blog-icon'>
<path d='M24.753,1.356h-2.501l-0.863-0.883C21.091,0.17,20.695,0.002,20.264,0c-0.415,0-0.808,0.16-1.104,0.45  l-0.926,0.906H1.249C0.562,1.356,0,1.917,0,2.604v15.384v0.082v0.568c0,0.717,0.582,1.299,1.3,1.299h15.602l5.297,2.211  l-0.686-2.211H24.7c0.718,0,1.3-0.582,1.3-1.299V18.07v-0.158V2.604C26,1.917,25.438,1.356,24.753,1.356z M6.031,14.773  l13.856-13.58c0.1-0.099,0.233-0.153,0.377-0.153c0.145,0.001,0.279,0.058,0.381,0.161l0.152,0.156l2.089,2.136  c0.102,0.104,0.154,0.24,0.152,0.383c-0.002,0.143-0.06,0.275-0.161,0.374L8.993,17.803l-4.14,1.086L6.031,14.773z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>Blog</span>
</a>
</div>
<input class='sub-nav-trigger' id='blog-sub-trigger' type='checkbox'/>
<label class='sub-nav-trigger-label' for='blog-sub-trigger'>
<!-- SUBNAVIGATION ICON -->
<svg height='47.75px' viewBox='0 0 48.167 47.75' width='48.167px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<circle cx='24.083' cy='23.875' fill='none' opacity='0.4' r='22' stroke='#FFFFFF' stroke-miterlimit='10'></circle>
<g>
<circle cx='24.083' cy='16.068' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='23.875' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='31.682' fill='#FFFFFF' r='2.496'></circle>
</g>
</svg>
<!-- END ICON -->
</label>
<ul class='sub-nav'>
<li class='desktop-hide'>
<a href='https://blog.talosintelligence.com/'>
<h1>Blog</h1>
</a>
</li>
<li class='desktop-hide'><label class='subnav-back-button' for='blog-sub-trigger'>BACK</label></li>
<li><a href="https://blog.talosintelligence.com/">Talos Blog</a></li>
<li><a href='https://www.talosintelligence.com/newsletters'>Talos Threat Source Newsletter</a></li>
</ul>
<div class='desktop-hide subnav-overlay'>
<!-- BLOG ICON -->
<svg height='22.25px' viewBox='0 0 26 22.25' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='blog-icon'>
<path d='M24.753,1.356h-2.501l-0.863-0.883C21.091,0.17,20.695,0.002,20.264,0c-0.415,0-0.808,0.16-1.104,0.45  l-0.926,0.906H1.249C0.562,1.356,0,1.917,0,2.604v15.384v0.082v0.568c0,0.717,0.582,1.299,1.3,1.299h15.602l5.297,2.211  l-0.686-2.211H24.7c0.718,0,1.3-0.582,1.3-1.299V18.07v-0.158V2.604C26,1.917,25.438,1.356,24.753,1.356z M6.031,14.773  l13.856-13.58c0.1-0.099,0.233-0.153,0.377-0.153c0.145,0.001,0.279,0.058,0.381,0.161l0.152,0.156l2.089,2.136  c0.102,0.104,0.154,0.24,0.152,0.383c-0.002,0.143-0.06,0.275-0.161,0.374L8.993,17.803l-4.14,1.086L6.031,14.773z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
</div>
</li>
<!-- Podcasts -->
<li class='nav-item'>
<div class='primary-link-wrapper'>
<a class='primary_nav_link' href='https://talosintelligence.com/podcasts'>
<!-- PODCAST ICON -->
<svg height='20px' id='Layer_1' style='enable-background:new 0 0 26 20;' version='1.1' viewBox='0 0 26 20' width='26px' x='0px' xml:space='preserve' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' y='0px'>
<path class='nav-icon' d='M24.7-0.1H1.3C0.6-0.1,0,0.5,0,1.2v17.4c0,0.7,0.6,1.3,1.3,1.3h23.4c0.7,0,1.3-0.6,1.3-1.3V1.2  C26,0.5,25.4-0.1,24.7-0.1z M9.8,5c0-1.8,1.5-3.2,3.2-3.2c1.8,0,3.2,1.5,3.2,3.2v5.8c0,1.8-1.5,3.2-3.2,3.2c-1.8,0-3.2-1.5-3.2-3.2  V5z M18.5,10.7c0,2.8-2.1,5.2-4.9,5.4V17h2.9c0.3,0,0.6,0.3,0.6,0.6s-0.3,0.6-0.6,0.6h-7c-0.3,0-0.6-0.3-0.6-0.6S9.1,17,9.5,17h2.9  v-0.9c-2.8-0.3-4.9-2.7-4.9-5.4V9.1c0-0.3,0.3-0.6,0.6-0.6s0.6,0.3,0.6,0.6v1.5c0,2.4,1.9,4.3,4.3,4.3s4.3-1.9,4.3-4.3V9.1  c0-0.3,0.3-0.6,0.6-0.6s0.6,0.3,0.6,0.6V10.7z' fill='#9EA0A5'></path>
</svg>
<!-- END ICON -->
<span>Podcasts</span>
</a>
</div>
<input class='sub-nav-trigger' id='podcast-sub-trigger' type='checkbox'/>
<label class='sub-nav-trigger-label' for='podcast-sub-trigger'>
<!-- SUBNAVIGATION ICON -->
<svg height='47.75px' viewBox='0 0 48.167 47.75' width='48.167px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<circle cx='24.083' cy='23.875' fill='none' opacity='0.4' r='22' stroke='#FFFFFF' stroke-miterlimit='10'></circle>
<g>
<circle cx='24.083' cy='16.068' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='23.875' fill='#FFFFFF' r='2.496'></circle>
<circle cx='24.083' cy='31.682' fill='#FFFFFF' r='2.496'></circle>
</g>
</svg>
<!-- END ICON -->
</label>
<ul class='sub-nav'>
<li class='desktop-hide'>
<a href='https://talosintelligence.com/podcasts'>
<h1>Podcasts</h1>
</a>
</li>
<li><a href='https://talosintelligence.com/podcasts/shows/beers_with_talos'>Beers with Talos</a></li>
<li><a href='https://talosintelligence.com/podcasts/shows/talos_takes'>Talos Takes</a></li>
</ul>
<div class='desktop-hide subnav-overlay'>
<!-- PODCAST ICON -->
<svg height='20px' id='Layer_1' style='enable-background:new 0 0 26 20;' version='1.1' viewBox='0 0 26 20' width='26px' x='0px' xml:space='preserve' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' y='0px'>
<path class='nav-icon' d='M24.7-0.1H1.3C0.6-0.1,0,0.5,0,1.2v17.4c0,0.7,0.6,1.3,1.3,1.3h23.4c0.7,0,1.3-0.6,1.3-1.3V1.2  C26,0.5,25.4-0.1,24.7-0.1z M9.8,5c0-1.8,1.5-3.2,3.2-3.2c1.8,0,3.2,1.5,3.2,3.2v5.8c0,1.8-1.5,3.2-3.2,3.2c-1.8,0-3.2-1.5-3.2-3.2  V5z M18.5,10.7c0,2.8-2.1,5.2-4.9,5.4V17h2.9c0.3,0,0.6,0.3,0.6,0.6s-0.3,0.6-0.6,0.6h-7c-0.3,0-0.6-0.3-0.6-0.6S9.1,17,9.5,17h2.9  v-0.9c-2.8-0.3-4.9-2.7-4.9-5.4V9.1c0-0.3,0.3-0.6,0.6-0.6s0.6,0.3,0.6,0.6v1.5c0,2.4,1.9,4.3,4.3,4.3s4.3-1.9,4.3-4.3V9.1  c0-0.3,0.3-0.6,0.6-0.6s0.6,0.3,0.6,0.6V10.7z' fill='#9EA0A5'></path>
</svg>
<!-- END ICON -->
</div>
</li>
<!-- About -->
<li class='nav-item '>
<a class='primary_nav_link' href='https://www.talosintelligence.com/about'>
<!-- ABOUT ICON -->
<svg height='20px' viewBox='0 0 26 20' width='26px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink'>
<g class='nav-icon' id='about-icon'>
<path d='M24.7-0.062H1.3C0.582-0.062,0,0.52,0,1.241v17.393c0,0.72,0.582,1.304,1.3,1.304h23.4   c0.718,0,1.3-0.584,1.3-1.304V1.241C26,0.52,25.418-0.062,24.7-0.062z M18.704,4.58c-0.318,0.335-0.616,0.647-0.918,0.961   c-0.092-0.115-0.172-0.233-0.272-0.332c-0.099-0.093-0.218-0.166-0.334-0.254c0.296-0.31,0.594-0.621,0.908-0.951   C18.294,4.198,18.494,4.384,18.704,4.58z M6.876,15.064c-0.053-0.062-0.109-0.125-0.16-0.189c-0.861-1.139-1.398-2.413-1.564-3.83   c-0.208-1.776,0.066-3.474,0.963-5.04c0.906-1.584,2.262-2.652,3.947-3.312c1.089-0.428,2.219-0.63,3.391-0.552   c1.519,0.102,2.904,0.596,4.152,1.469c0.035,0.025,0.068,0.052,0.101,0.08c0.005,0.003,0.008,0.012,0.019,0.027   c-0.337,0.349-0.679,0.686-0.998,1.043c-0.105,0.12-0.209,0.142-0.353,0.142c-2.37-0.003-4.741-0.003-7.112-0.003   c-0.692,0-1.208,0.516-1.208,1.208c-0.001,2.211,0,4.419,0,6.628c0,0.33,0.003,0.66,0.001,0.99c0,0.046-0.014,0.102-0.042,0.134   c-0.364,0.395-0.731,0.786-1.098,1.179C6.907,15.046,6.896,15.052,6.876,15.064z M7.174,15.424   c0.329-0.346,0.642-0.672,0.938-0.983c0.072,0.125,0.128,0.259,0.217,0.363c0.09,0.107,0.213,0.184,0.333,0.283   C8.373,15.39,8.08,15.696,7.771,16.02C7.569,15.819,7.375,15.623,7.174,15.424z M19.151,15.117   c-1.184,1.403-2.693,2.287-4.479,2.683c-2.144,0.477-4.15,0.094-6.011-1.064c-0.149-0.091-0.288-0.203-0.43-0.307   c-0.037-0.026-0.07-0.059-0.115-0.098c0.044-0.046,0.083-0.092,0.125-0.136c0.301-0.323,0.599-0.646,0.904-0.966   c0.039-0.041,0.109-0.073,0.165-0.073c1.244-0.003,2.486,0,3.729,0.002c1.174,0.003,2.348,0.007,3.523,0.007   c0.325,0,0.636-0.066,0.891-0.286c0.27-0.235,0.392-0.542,0.392-0.897c0.002-2.56,0.002-5.119-0.001-7.678   c-0.001-0.105,0.029-0.179,0.101-0.252c0.354-0.373,0.705-0.75,1.07-1.139c0.127,0.164,0.257,0.315,0.372,0.476   c1.011,1.43,1.543,3.016,1.525,4.771C20.896,12.011,20.354,13.688,19.151,15.117z' fill='#9EA0A5'></path>
</g>
</svg>
<!-- END ICON -->
<span>About</span>
</a>
</li>
<!-- Mobile Only Sign in area -->
<li class='acct_links desktop-hide'>
<a class='login-button' href='https://talosintelligence.com/users/auth/saml'>Cisco Login</a>
</li>
</ul>
</div>
</div>
</nav>
<!-- MOBILE NAVIGATION TRIGGER -->
<input class='nav-trigger' id='nav-trigger' type='checkbox'/>
<label for='nav-trigger'>
<!-- NAVIGATION MENU ICON -->
<svg height='16px' viewBox='0 0 22 16' width='22px' x='0px' xmlns='https://www.w3.org/2000/svg' xmlns:xlink='https://www.w3.org/1999/xlink' y='0px'>
<g id='menu-icon'>
<path d='M20.5,3h-19C0.672,3,0,2.329,0,1.5S0.672,0,1.5,0h19C21.328,0,22,0.671,22,1.5S21.328,3,20.5,3z' fill='#FFFFFF'></path>
<path d='M20.5,9.5h-19C0.672,9.5,0,8.828,0,8c0-0.829,0.672-1.5,1.5-1.5h19C21.328,6.5,22,7.171,22,8   C22,8.828,21.328,9.5,20.5,9.5z' fill='#FFFFFF'></path>
<path d='M20.5,16h-19C0.672,16,0,15.328,0,14.5S0.672,13,1.5,13h19c0.828,0,1.5,0.672,1.5,1.5S21.328,16,20.5,16z' fill='#FFFFFF'></path>
</g>
</svg>
<!-- END ICON -->
</label>
<!-- END OF NAVIGATION / BEGINNING OF PAGE CONTENT -->
<div id='page_wrapper'>
<div class='container-fluid full-height'>
<div class='row full-height'>
<div class='col-xs-12 col_single'>
<div class='row'>
<div class='col-xs-12 publication' id='content-wrapper'>
<div id='main-wrapper'>
<div class='main section' id='main'><div class='widget Blog' data-version='1' id='Blog1'>
<div class='blog-posts hfeed'>
<!--Can't find substitution for tag [defaultAdStart]-->

                        <div class="date-outer">
                      
<h2 class='date-header'><span>Tuesday, December 4, 2018</span></h2>

                        <div class="date-posts">
                      
<div class='post-outer'>
<div class='post hentry uncustomized-post-template' itemprop='blogPost' itemscope='itemscope' itemtype='https://schema.org/BlogPosting'>
<meta content='1029833275466591797' itemprop='blogId'/>
<meta content='1664675579510275690' itemprop='postId'/>
<a name='1664675579510275690'></a>
<h3 class='post-title entry-title' itemprop='name'>
An introduction to offensive capabilities of Active Directory on UNIX
</h3>
<div class='post-header'>
<div class='post-header-line-1'></div>
</div>
<div class='post-body entry-content' id='post-body-1664675579510275690' itemprop='description articleBody'>
Tim Wadhwa-Brown of <a href="https://labs.portcullis.co.uk/">Portcullis Labs</a> authored this post.<br />
<br />
In preparation for our <a href="https://www.blackhat.com/eu-18/briefings/schedule/index.html#where-2-worlds-collide-bringing-mimikatz-et-al-to-unix-12962">talk</a> at Black Hat Europe, <a href="https://www.cisco.com/c/en/us/products/security/advisory-services.html">Security Advisory EMEAR</a>  would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises' Active Directory forests.<br />
<br />
<br />
<a name='more'></a><br />
<h2>
Background to active directory integration solutions</h2>
<br />
Having seen an uptick in unique UNIX infrastructures that are integrated into customers' existing Active Directory forests, the question becomes, "Does this present any concerns that may not be well understood?" This quickly became "What if an adversary could get into a UNIX box and then breach your domain?"<br />
<br />
Within a typical Active Directory integration solution (in this case <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/5.7_release_notes/sssd">SSSD</a>), the solution shares a striking similarity to what a user might see on Windows. Notably, you have:<br />
<br />
<ul>
<li>
DNS &#8211; Used for name resolution</li>
<li>
LDAP &#8211; Used for "one-time identification" and assertion of identity</li>
<li>
Kerberos &#8211; Used for ongoing authentication</li>
<li>
SSSD &#8211; Like LSASS</li>
<li>
 PAM &#8211; Like msgina.dll or the more modern credential providers</li>
</ul>
<br />
<br />
You can see a breakdown of this process <a href="https://rhelblog.redhat.com/2015/02/04/overview-of-direct-integration-options/">here</a>. Unlike Windows, there is no Group Policy for the most part (with some exceptions), so policies for sudo et al. are typically pushed as flat files to hosts.<br />
<br />
<h3>
Our research</h3>
<br />
Realistically, the threat models associated with each part of the implementation should be quite familiar to anyone securing a heterogeneous Windows network. Having worked with a variety of customers, it becomes apparent that the typical UNIX administrator who does not have a strong background in Windows and Active Directory will be ill-equipped to handle this threat. While we've been talking about successful attacks against components such as LSASS and Kerberos for quite some time, Mimikatz dates back to at least April 2014, and dumping hashes has been around even longer. Pwdump, which dumped local Windows hashes, was published by Jeremy Allison in 1997). However, no one has really taken a concerted look at whether these attacks are possible on UNIX infrastructure, nor how a blue team might spot an adversary performing them.<br />
<br />
As a result of this research, we were able to develop tactics, tools, and procedures that might further assist an attacker in breaching an enterprise, and we began documenting and developing appropriate strategies to allow blue teams to appropriately detect and respond to such incursions. The presentation and tactics, tools, and procedures for this talk will be available after our <a href="https://www.blackhat.com/eu-18/briefings/schedule/index.html#where-2-worlds-collide-bringing-mimikatz-et-al-to-unix-12962">Blackhat EU talk</a>. They will also be available <a href="https://labs.portcullis.co.uk/">here</a>, and at our <a href="https://github.com/portcullislabs">GitHub</a> <a href="https://github.com/portcullislabs">repo</a>.<br />
<br />
<div style='clear: both;'></div>
</div>
<div class='post-footer'>
<div class='post-footer-line post-footer-line-1'>
<span class='post-author vcard'>
Posted by
<span class='fn' itemprop='author' itemscope='itemscope' itemtype='https://schema.org/Person'>
<meta content='https://www.blogger.com/profile/01371227431827203745' itemprop='url'/>
<a class='g-profile' href='https://www.blogger.com/profile/01371227431827203745' rel='author' title='author profile'>
<span itemprop='name'>Joe Marshall</span>
</a>
</span>
</span>
<span class='post-timestamp'>
at
<meta content='http://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html' itemprop='url'/>
<a class='timestamp-link' href='https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html' rel='bookmark' title='permanent link'><abbr class='published' itemprop='datePublished' title='2018-12-04T11:21:00-05:00'>11:21 AM</abbr></a>
</span>
<span class='reaction-buttons'>
</span>
<span class='post-comment-link'>
</span>
<span class='post-backlinks post-comment-link'>
</span>
<span class='post-icons'>
<span class='item-control blog-admin pid-1865039063'>
<a href='https://www.blogger.com/post-edit.g?blogID=1029833275466591797&postID=1664675579510275690&from=pencil' title='Edit Post'>
<img alt='' class='icon-action' height='18' src='https://img2.blogblog.com/img/icon18_edit_allbkg.gif' width='18'/>
</a>
</span>
</span>
<div class='post-share-buttons goog-inline-block'>
</div>
</div>
<div class='post-footer-line post-footer-line-2'>
<span class='post-labels'>
Labels:
<a href='https://blog.talosintelligence.com/search/label/Active%20Directory' rel='tag'>Active Directory</a>,
<a href='https://blog.talosintelligence.com/search/label/Black%20Hat' rel='tag'>Black Hat</a>,
<a href='https://blog.talosintelligence.com/search/label/Blue%20Team' rel='tag'>Blue Team</a>,
<a href='https://blog.talosintelligence.com/search/label/Portcullis' rel='tag'>Portcullis</a>
</span>
</div>
<div class='post-footer-line post-footer-line-3'>
<div style='text-align: left;'>
<div class='social-media-share'>
<div class='social-call'><span>Share This Post</span></div>
<a class='facebook' data-text='An introduction to offensive capabilities of Active Directory on UNIX' href='https://www.facebook.com/sharer.php?u=https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html&text=An introduction to offensive capabilities of Active Directory on UNIX' rel='nofollow' target='_blank' title='Share This On Facebook'>
<img alt='Facebook share' border='0' src='https://www.talosintelligence.com/assets/icon_fb-share_grey.svg'/>
</a>
<a class='twitter' data-text='An introduction to offensive capabilities of Active Directory on UNIX' href='https://twitter.com/share?url=https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html&text=An introduction to offensive capabilities of Active Directory on UNIX' rel='nofollow' target='_blank' title='Tweet This'>
<img alt='Twitter share' border='0' src='https://www.talosintelligence.com/assets/icon_tw-share_grey.svg'/>
</a>
<a class='linkedin' data-text='An introduction to offensive capabilities of Active Directory on UNIX' href='https://www.linkedin.com/sharing/share-offsite/?url=https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html&text=An introduction to offensive capabilities of Active Directory on UNIX' rel='nofollow' target='_blank' title='Share This On Linkedin'>
<img alt='Linkedin share' border='0' src='https://www.talosintelligence.com/assets/icon_li-share_grey.svg'/>
</a>
<a class='reddit' data-text='An introduction to offensive capabilities of Active Directory on UNIX' href='https://www.reddit.com/submit?url=https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html&title=An introduction to offensive capabilities of Active Directory on UNIX' rel='nofollow' target='_blank' title='Reddit This'>
<img alt='Reddit share' border='0' src='https://www.talosintelligence.com/assets/icon_re-share_grey.svg'/>
</a>
<a href='mailto:?body=https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html&subject=An introduction to offensive capabilities of Active Directory on UNIX'>
<img alt='Email This' border='0' src='https://www.talosintelligence.com/assets/icon_em-share_grey.svg'/>
</a>
</div>
</div>
<span class='post-location'>
</span>
</div>
</div>
</div>
<div class='comments' id='comments'>
<a name='comments'></a>
<h4>No comments:</h4>
<div id='Blog1_comments-block-wrapper'>
<dl class='' id='comments-block'>
</dl>
</div>
<p class='comment-footer'>
<div class='comment-form'>
<a name='comment-form'></a>
<h4 id='comment-post-message'>Post a Comment</h4>
<p>
</p>
<p>Note: Only a member of this blog may post a comment.</p>
<a href='https://www.blogger.com/comment/frame/1029833275466591797?po=1664675579510275690&hl=en' id='comment-editor-src'></a>
<iframe allowtransparency='true' class='blogger-iframe-colorize blogger-comment-from-post' frameborder='0' height='410' id='comment-editor' name='comment-editor' src='' width='100%'></iframe>
<!--Can't find substitution for tag [post.friendConnectJs]-->
<script src='https://www.blogger.com/static/v1/jsbin/157798655-comment_from_post_iframe.js' type='text/javascript'></script>
<script type='text/javascript'>
                    BLOG_CMT_createIframe('https://www.blogger.com/rpc_relay.html');
                  </script>
</div>
</p>
<div id='backlinks-container'>
<div id='Blog1_backlinks-container'>
</div>
</div>
</div>
</div>

                      </div></div>
                    
<!--Can't find substitution for tag [adEnd]-->
</div>
<div class='blog-pager' id='blog-pager'>
<span id='blog-pager-newer-link'>
<a class='blog-pager-newer-link' href='https://blog.talosintelligence.com/2018/12/threat-roundup-1130-1207.html' id='Blog1_blog-pager-newer-link' title='Newer Post'>Newer Post</a>
</span>
<span id='blog-pager-older-link'>
<a class='blog-pager-older-link' href='https://blog.talosintelligence.com/2018/12/Netgate-pfsense-command-injection-vulns.html' id='Blog1_blog-pager-older-link' title='Older Post'>Older Post</a>
</span>
<a class='home-link' href='https://blog.talosintelligence.com/'>Home</a>
</div>
<div class='clear'></div>
<div class='post-feeds'>
<div class='feed-links'>
Subscribe to:
<a class='feed-link' href='https://blog.talosintelligence.com/feeds/1664675579510275690/comments/default' target='_blank' type='application/atom+xml'>Post Comments (Atom)</a>
</div>
</div>
</div></div>
</div>
<div id='sidebar-wrapper'>
<div class='sidebar section' id='sidebar'><div class='widget HTML' data-version='1' id='HTML1'>
<div class='widget-content'>
<style>   
   
   #search {  
   /* Old browsers */
   background: #dedfe1;
   /* W3C, IE10+, FF16+, Chrome26+, Opera12+, Safari7+ */
   background: 
     url('https://www.talosintelligence.com/assets/icon_search.svg') 96% 50% no-repeat,
     linear-gradient(to right, #dedfe1 0%,#dedfe1 84%,#ef6f09 84%,#ef6f09 100%); 
   /* FF3.6-15 */
   background: 
     url('https://www.talosintelligence.com/assets/icon_search.svg') 96% 50% no-repeat,
     -moz-linear-gradient(left, #dedfe1 0%, #dedfe1 84%, #ef6f09 84%, #ef6f09 100%); 
   /* Chrome10-25,Safari5.1-6 */
   background: 
     url(https://www.talosintelligence.com/assets/icon_search.svg) 96% 50% no-repeat,
     -webkit-linear-gradient(left, #dedfe1 0%,#dedfe1 84%,#ef6f09 84%,#ef6f09 100%); 
   
   text-align: left;  
   padding: 8px 24px 6px 6px;  
   line-height: 1em;
   border-radius: 2px;
   height: 18px; 
   cursor: pointer;
   }  
   #search:focus {
    background-color: #fff;
    box-shadow: inset 0 0 2px 1px #ED6F09;
    outline: none;
   }
   #search #s {  
   background: none;  
   color: #303338; 
   font-family: verdana; 

   font-size: 11px;  
   border: 0;  
   width: 100%;  
   padding: 0;  
   margin: 0;  
   outline: none;  
   }  
   
   </style>  
   
   <div id="search" title="Type and hit enter"> 
<form action="/search" id="searchform" method="get"> 
<input id="s" name="q" type="text" placeholder="Search Blog" /> </form> </div>
</div>
<div class='clear'></div>
</div><div class='widget HTML' data-version='1' id='HTML2'>
<h2 class='title'>categories</h2>
<div class='widget-content'>
<div id="category_list"></div>

<script>
    (function () {
        //These categories MUST match the case of the label IN USE.
        var categories = ['Headlines', 'threats', 'vulnerabilities', 'Threat Roundup'];
        var cat_list = document.getElementById('category_list');
        var selected = [];
        function select_category(e){
            e.preventDefault();
            var cat_path = 'https://blog.talosintelligence.com/search/?q=';
            target = e.target;
            search_target = e.target.getAttribute('data-search');
            var cat_search = 'label:%22' + search_target.replace(/\s/g, '%20') + '%22';
            switch (e.shiftKey) {
                case true:
                    if ( selected.includes(cat_search) ){
                        var index = selected.indexOf(cat_search);
                        selected.splice(index, 1);
                        target.classList.remove('selected');
                    } else {
                        selected.push(cat_search);
                        target.classList.add('selected');
                    }
                    break;
                case false:
                    if (!selected.includes(cat_search)){
                        selected.push(cat_search);
                    }
                    var new_path = selected.join('||');
                    selected = [];
                    location.href = cat_path += new_path;
                    break;
            }
        }
        categories.forEach((cat)=>{
            var span = document.createElement('span');
            var cat_search = cat.replace(/\s/g, '%20');
            var button = document.createElement('button');
            var rss_image = document.createElement('img');
            var rss_a = document.createElement('a');
            button.addEventListener("click", select_category);
            button.innerHTML = cat;
            button.setAttribute('data-search', cat);
            rss_image.setAttribute('src', 'https://www.talosintelligence.com/assets/icon_rss_orange.svg');
            rss_image.setAttribute('align', 'absmiddle');
            rss_a.setAttribute('href', 'https://blog.talosintelligence.com/feeds/posts/default/-/' + cat_search);
            rss_a.setAttribute('title', cat + ' RSS feed');
            rss_image.classList.add('feed-icon');
            rss_a.append(rss_image);
            span.append(button);
            span.classList = "individual-category";
            span.append(rss_a);
            cat_list.append(span);
        });
    })();
</script>
</div>
<div class='clear'></div>
</div><div class='widget Subscribe' data-version='1' id='Subscribe1'>
<div style='white-space:nowrap'>
<h2 class='title'>Subscribe To Our Feed</h2>
<div class='widget-content'>
<div>
<div class='feed-reader-links subscribe'>
<a class='feed-reader-link' href='https://blog.talosintelligence.com/feeds/posts/default' target='_blank'>
<img align='absmiddle' class='feed-icon' src='https://www.talosintelligence.com/assets/icon_rss_orange.svg'/>
Posts
</a>
</div>
</div>
<div>
<div class='feed-reader-links subscribe'>
<a class='feed-reader-link' href='https://blog.talosintelligence.com/feeds/1664675579510275690/comments/default' target='_blank'>
<img align='absmiddle' class='feed-icon' src='https://www.talosintelligence.com/assets/icon_rss_orange.svg'/>
Comments
</a>
</div>
</div>
<div>
<div class='subscribe'>
<a class='feed-reader-link' href='https://www.talosintelligence.com/blog_subscription' onclick='window.open(&#39;https://www.talosintel.com/files/blog_files/email_subscription.html&#39;, &#39;popupwindow&#39;, &#39;scrollbars=yes,width=550,height=520&#39;);return true' target='popupwindow'>
<img align='absmiddle' class='feed-icon' src='https://www.talosintelligence.com/assets/icon_email_orange.svg'/>
										Subscribe via Email
                                    </a>
</div>
</div>
<div style='clear:both'></div>
</div>
</div>
<div class='clear'></div>
</div><div class='widget BlogArchive' data-version='1' id='BlogArchive1'>
<h2>Blog Archive</h2>
<div class='widget-content'>
<div id='ArchiveList'>
<div id='BlogArchive1_ArchiveList'>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/'>
2022
</a>
<span class='post-count' dir='ltr'>(93)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/05/'>
May
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/04/'>
April
</a>
<span class='post-count' dir='ltr'>(17)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/03/'>
March
</a>
<span class='post-count' dir='ltr'>(26)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/02/'>
February
</a>
<span class='post-count' dir='ltr'>(19)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2022/01/'>
January
</a>
<span class='post-count' dir='ltr'>(22)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/'>
2021
</a>
<span class='post-count' dir='ltr'>(291)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/12/'>
December
</a>
<span class='post-count' dir='ltr'>(15)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/11/'>
November
</a>
<span class='post-count' dir='ltr'>(28)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/10/'>
October
</a>
<span class='post-count' dir='ltr'>(23)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/09/'>
September
</a>
<span class='post-count' dir='ltr'>(25)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/08/'>
August
</a>
<span class='post-count' dir='ltr'>(25)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/07/'>
July
</a>
<span class='post-count' dir='ltr'>(27)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/06/'>
June
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/05/'>
May
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/04/'>
April
</a>
<span class='post-count' dir='ltr'>(29)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/03/'>
March
</a>
<span class='post-count' dir='ltr'>(26)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/02/'>
February
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2021/01/'>
January
</a>
<span class='post-count' dir='ltr'>(21)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/'>
2020
</a>
<span class='post-count' dir='ltr'>(272)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/12/'>
December
</a>
<span class='post-count' dir='ltr'>(22)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/11/'>
November
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/10/'>
October
</a>
<span class='post-count' dir='ltr'>(30)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/09/'>
September
</a>
<span class='post-count' dir='ltr'>(25)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/08/'>
August
</a>
<span class='post-count' dir='ltr'>(19)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/07/'>
July
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/06/'>
June
</a>
<span class='post-count' dir='ltr'>(22)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/05/'>
May
</a>
<span class='post-count' dir='ltr'>(23)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/04/'>
April
</a>
<span class='post-count' dir='ltr'>(23)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/03/'>
March
</a>
<span class='post-count' dir='ltr'>(21)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/02/'>
February
</a>
<span class='post-count' dir='ltr'>(29)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2020/01/'>
January
</a>
<span class='post-count' dir='ltr'>(22)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/'>
2019
</a>
<span class='post-count' dir='ltr'>(276)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/12/'>
December
</a>
<span class='post-count' dir='ltr'>(26)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/11/'>
November
</a>
<span class='post-count' dir='ltr'>(27)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/10/'>
October
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/09/'>
September
</a>
<span class='post-count' dir='ltr'>(27)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/08/'>
August
</a>
<span class='post-count' dir='ltr'>(21)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/07/'>
July
</a>
<span class='post-count' dir='ltr'>(22)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/06/'>
June
</a>
<span class='post-count' dir='ltr'>(16)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/05/'>
May
</a>
<span class='post-count' dir='ltr'>(25)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/04/'>
April
</a>
<span class='post-count' dir='ltr'>(25)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/03/'>
March
</a>
<span class='post-count' dir='ltr'>(24)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/02/'>
February
</a>
<span class='post-count' dir='ltr'>(19)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2019/01/'>
January
</a>
<span class='post-count' dir='ltr'>(20)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate expanded'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy toggle-open'>

                          &#9660;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/'>
2018
</a>
<span class='post-count' dir='ltr'>(198)</span>
<ul class='hierarchy'>
<li class='archivedate expanded'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy toggle-open'>

                          &#9660;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/12/'>
December
</a>
<span class='post-count' dir='ltr'>(16)</span>
<ul class='posts'>
<li><a href='https://blog.talosintelligence.com/2018/12/threat-roundup-1214-1221.html'>Threat Roundup for Dec. 14 to Dec. 21</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/submissions-for-talks-at-2019-talos.html'>Submissions for talks at the 2019 Talos Threat Res...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/year-in-malware-2018-most-prominent.html'>Year in Malware 2018: The most prominent threats T...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/MS-OOB-IE-Scripting-Engine-Vuln.html'>Microsoft Patches Out-of-Band Internet Explorer Sc...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/cryptocurrency-future-2018.html'>As Cryptocurrency Crash Continues, Will Mining Thr...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/cryptomining-campaigns-2018.html'>Connecting the dots between recently active crypto...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/beers-with-talos-ep-43-espionage.html'>Beers with Talos EP 43: Espionage, Encryption, and...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/bitcoin-bomb-scare-associated-with.html'>Bitcoin Bomb Scare Associated with Sextortion Scam...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/threat-roundup-1207-1214.html'>Threat Roundup for  Dec. 7 to Dec. 14</a></li>
<li><a href='https://blog.talosintelligence.com/2017/01/shamoon-2.html'>Cisco Coverage for Shamoon 2 &amp; 3</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/vulnerability-spotlight-adobe-acrobat.html'>Vulnerability Spotlight: Adobe Acrobat Reader DC t...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/microsoft-patch-tuesday-december-2018.html'>Microsoft Patch Tuesday &#8212; December 2018: Vulnerabi...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/secureim.html'>in(Secure) messaging apps &#8212; How side-channel attac...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/threat-roundup-1130-1207.html'>Threat Roundup for Nov. 30 to Dec. 7</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html'>An introduction to offensive capabilities of Activ...</a></li>
<li><a href='https://blog.talosintelligence.com/2018/12/Netgate-pfsense-command-injection-vulns.html'>Vulnerability Spotlight: Netgate pfSense system_ad...</a></li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/11/'>
November
</a>
<span class='post-count' dir='ltr'>(15)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/10/'>
October
</a>
<span class='post-count' dir='ltr'>(26)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/09/'>
September
</a>
<span class='post-count' dir='ltr'>(16)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/08/'>
August
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/07/'>
July
</a>
<span class='post-count' dir='ltr'>(20)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/06/'>
June
</a>
<span class='post-count' dir='ltr'>(15)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/05/'>
May
</a>
<span class='post-count' dir='ltr'>(15)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/04/'>
April
</a>
<span class='post-count' dir='ltr'>(21)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/03/'>
March
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/02/'>
February
</a>
<span class='post-count' dir='ltr'>(14)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2018/01/'>
January
</a>
<span class='post-count' dir='ltr'>(18)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/'>
2017
</a>
<span class='post-count' dir='ltr'>(171)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/12/'>
December
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/11/'>
November
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/10/'>
October
</a>
<span class='post-count' dir='ltr'>(15)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/09/'>
September
</a>
<span class='post-count' dir='ltr'>(17)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/08/'>
August
</a>
<span class='post-count' dir='ltr'>(16)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/07/'>
July
</a>
<span class='post-count' dir='ltr'>(14)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/06/'>
June
</a>
<span class='post-count' dir='ltr'>(14)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/05/'>
May
</a>
<span class='post-count' dir='ltr'>(19)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/04/'>
April
</a>
<span class='post-count' dir='ltr'>(17)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/03/'>
March
</a>
<span class='post-count' dir='ltr'>(17)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/02/'>
February
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2017/01/'>
January
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/'>
2016
</a>
<span class='post-count' dir='ltr'>(99)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/12/'>
December
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/11/'>
November
</a>
<span class='post-count' dir='ltr'>(8)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/10/'>
October
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/09/'>
September
</a>
<span class='post-count' dir='ltr'>(8)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/08/'>
August
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/07/'>
July
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/06/'>
June
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/05/'>
May
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/04/'>
April
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/03/'>
March
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/02/'>
February
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2016/01/'>
January
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/'>
2015
</a>
<span class='post-count' dir='ltr'>(62)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/12/'>
December
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/11/'>
November
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/10/'>
October
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/09/'>
September
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/08/'>
August
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/07/'>
July
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/06/'>
June
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/05/'>
May
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/04/'>
April
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/03/'>
March
</a>
<span class='post-count' dir='ltr'>(8)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/02/'>
February
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2015/01/'>
January
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/'>
2014
</a>
<span class='post-count' dir='ltr'>(67)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/12/'>
December
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/11/'>
November
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/10/'>
October
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/09/'>
September
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/08/'>
August
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/07/'>
July
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/06/'>
June
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/05/'>
May
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/04/'>
April
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/03/'>
March
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/02/'>
February
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2014/01/'>
January
</a>
<span class='post-count' dir='ltr'>(8)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/'>
2013
</a>
<span class='post-count' dir='ltr'>(30)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/12/'>
December
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/11/'>
November
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/10/'>
October
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/09/'>
September
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/08/'>
August
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/07/'>
July
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/06/'>
June
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/05/'>
May
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/04/'>
April
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/03/'>
March
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/02/'>
February
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2013/01/'>
January
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/'>
2012
</a>
<span class='post-count' dir='ltr'>(53)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/12/'>
December
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/11/'>
November
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/10/'>
October
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/09/'>
September
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/08/'>
August
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/07/'>
July
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/06/'>
June
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/05/'>
May
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/04/'>
April
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/03/'>
March
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/02/'>
February
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2012/01/'>
January
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/'>
2011
</a>
<span class='post-count' dir='ltr'>(23)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/12/'>
December
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/11/'>
November
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/10/'>
October
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/09/'>
September
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/08/'>
August
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/07/'>
July
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/06/'>
June
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/05/'>
May
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/04/'>
April
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/03/'>
March
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/02/'>
February
</a>
<span class='post-count' dir='ltr'>(1)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2011/01/'>
January
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/'>
2010
</a>
<span class='post-count' dir='ltr'>(93)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/12/'>
December
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/11/'>
November
</a>
<span class='post-count' dir='ltr'>(2)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/10/'>
October
</a>
<span class='post-count' dir='ltr'>(4)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/09/'>
September
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/08/'>
August
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/07/'>
July
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/06/'>
June
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/05/'>
May
</a>
<span class='post-count' dir='ltr'>(5)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/04/'>
April
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/03/'>
March
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/02/'>
February
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2010/01/'>
January
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/'>
2009
</a>
<span class='post-count' dir='ltr'>(146)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/12/'>
December
</a>
<span class='post-count' dir='ltr'>(14)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/11/'>
November
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/10/'>
October
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/09/'>
September
</a>
<span class='post-count' dir='ltr'>(13)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/08/'>
August
</a>
<span class='post-count' dir='ltr'>(9)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/07/'>
July
</a>
<span class='post-count' dir='ltr'>(19)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/06/'>
June
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/05/'>
May
</a>
<span class='post-count' dir='ltr'>(13)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/04/'>
April
</a>
<span class='post-count' dir='ltr'>(10)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/03/'>
March
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/02/'>
February
</a>
<span class='post-count' dir='ltr'>(13)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2009/01/'>
January
</a>
<span class='post-count' dir='ltr'>(11)</span>
</li>
</ul>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/'>
2008
</a>
<span class='post-count' dir='ltr'>(37)</span>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/12/'>
December
</a>
<span class='post-count' dir='ltr'>(12)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/11/'>
November
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/10/'>
October
</a>
<span class='post-count' dir='ltr'>(7)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/09/'>
September
</a>
<span class='post-count' dir='ltr'>(6)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/08/'>
August
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
<ul class='hierarchy'>
<li class='archivedate collapsed'>
<a class='toggle' href='javascript:void(0)'>
<span class='zippy'>

                          &#9658;&#160;
                        
</span>
</a>
<a class='post-count-link' href='https://blog.talosintelligence.com/2008/05/'>
May
</a>
<span class='post-count' dir='ltr'>(3)</span>
</li>
</ul>
</li>
</ul>
</div>
</div>
<div class='clear'></div>
</div>
</div><div class='widget BlogList' data-version='1' id='BlogList1'>
<h2 class='title'>Recommended Blogs</h2>
<div class='widget-content'>
<div class='blog-list-container' id='BlogList1_container'>
<ul id='BlogList1_blogs'>
<li style='display: block;'>
<div class='blog-icon'>
</div>
<div class='blog-content'>
<div class='blog-title'>
<a href='https://blogs.cisco.com' target='_blank'>
Cisco Blog</a>
</div>
<div class='item-content'>
<span class='item-title'>
<a href='https://blogs.cisco.com/sp/wholesale-carriers-benefit-from-the-cisco-qwilt-solution' target='_blank'>
Wholesale Carriers Benefit from the Cisco/Qwilt Solution
</a>
</span>
</div>
</div>
<div style='clear: both;'></div>
</li>
<li style='display: block;'>
<div class='blog-icon'>
</div>
<div class='blog-content'>
<div class='blog-title'>
<a href='http://blog.clamav.net/' target='_blank'>
ClamAV&#174; blog</a>
</div>
<div class='item-content'>
<span class='item-title'>
<a href='http://blog.clamav.net/2022/05/celebrating-20-years-of-clamav.html' target='_blank'>
Celebrating 20 years of ClamAV
</a>
</span>
</div>
</div>
<div style='clear: both;'></div>
</li>
<li style='display: block;'>
<div class='blog-icon'>
</div>
<div class='blog-content'>
<div class='blog-title'>
<a href='http://blog.snort.org/' target='_blank'>
Snort Blog</a>
</div>
<div class='item-content'>
<span class='item-title'>
<a href='http://blog.snort.org/2022/04/weekly-snort-rule-update-for-march-25.html' target='_blank'>
Weekly Snort rule update for March 25 - April 1
</a>
</span>
</div>
</div>
<div style='clear: both;'></div>
</li>
</ul>
<div class='clear'></div>
</div>
</div>
</div></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<footer id='footer'>
<div class='container'>
<div class='row footer_nav_wrapper'>
<div class='col-md-9 col-sm-12'>
<ul class='footer_nav'>
<li class='list_col'>
<ul class='nopad'>
<li class='nopad'>
<ul class='pad first top'>
<li>
<a href='https://talosintelligence.com/software'>Software</a>
</li>
<li>
<a href='https://talosintelligence.com/reputation_center'>Reputation Center</a>
</li>
<li>
<a href='https://talosintelligence.com/vulnerability_info'>Vulnerability Information</a>
</li>
<li>
<a href='https://talosintelligence.com/ms_advisories'>Microsoft Advisory Snort Rules</a>
</li>
</ul>
</li>
<li class='list_col'>
<ul class='pad second'>
<li>
<a href='https://www.talosintelligence.com/incident_response' target='_blank'>Incident Response</a>
</li>
<li>
<a href='https://talosintelligence.com/secure-endpoint-naming'>Secure Endpoint Naming Conventions</a>
</li>
<li>
<a href='https://talosintelligence.com/talos_file_reputation'>Talos File Reputation</a>
</li>
</ul>
</li>
</ul>
</li>
<li class='list_col'>
<ul class='nopad'>
<li class='nopad'>
<ul class='pad first last'>
<li>
<a href='https://talosintelligence.com/resources'>Library</a>
</li>
<li>
<a href='https://talosintelligence.com/community'>Support Communities</a>
</li>
<li>
<a href='https://talosintelligence.com/about'>About</a>
</li>
<li>
<a href='https://talosintelligence.com/careers'>Careers</a>
</li>
</ul>
</li>
<li class='list_col'>
<ul class='pad second last'>
<li>
<a href='https://blog.talosintelligence.com'>Talos Blog</a>
</li>
<li>
<a href='https://talosintelligence.com/newsletters'>Threat Source Newsletter</a>
</li>
<li>
<a href='https://talosintelligence.com/podcasts/shows/beers_with_talos'>Beers with Talos Podcast</a>
</li>
<li>
<a href='https://talosintelligence.com/podcasts/shows/talos_takes'>Talos Takes Podcast</a>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class='col-md-3 col-sm-12 connect_social'>
<h5>Connect With Us</h5>
<ul>
<li>
<a href='https://twitter.com/talossecurity' target='_blank'>
<img alt='Follow us on Twitter' src='https://www.talosintelligence.com/assets/footer_icon_tw.svg'/>
</a>
</li>
<li>
<a href='https://www.youtube.com/playlist?list=PLFT-9JpKjRTDn_qtGN238gzycJfaVzMqD' target='_blank'>
<img alt='Watch our informational videos on YouTube' src='https://www.talosintelligence.com/assets/footer_icon_yt.svg'/>
</a>
</li>
<li>
<a href='https://www.linkedin.com/company/cisco-talos-intelligence-group/' target='_blank'>
<img alt='Connect with us on LinkedIn' src='https://www.talosintelligence.com/assets/footer_icon_li.svg'/>
</a>
</li>
</ul>
</div>
</div>
<div class='row'>
<div class='col-xs-12 footer_corporate'>
<a href="https://tools.cisco.com/security/center/home.x" target='_blank'>
<img alt='Cisco' src='https://www.talosintelligence.com/assets/logo_cisco_white.svg'/>
</a>
<p class='copyright'>&#169; <span id='copyright-year'></span> Cisco Systems, Inc. and/or its affiliates. All rights reserved. 
          
			View our <a class='copyright-underline underline' href='https://www.cisco.com/web/siteassets/legal/privacy_full.html' target='_blank'>Privacy Policy</a>.
		</p>
<script type='text/javascript'>
			document.getElementById('copyright-year').appendChild(document.createTextNode(new Date().getFullYear())) 
		</script>
</div>
</div>
</div>
</footer>
<script>
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');

  ga('create', 'UA-30016562-3', 'auto');
  ga('send', 'pageview');

 

</script>
<!--It is your responsibility to notify your visitors about cookies used and data collected on your blog. Blogger makes a standard notification available for you to use on your blog, and you can customise it or replace it with your own notice. See http://www.blogger.com/go/cookiechoices for more details.-->
<script defer='' src='/js/cookienotice.js'></script>
<script>
    document.addEventListener('DOMContentLoaded', function(event) {
      window.cookieChoices && cookieChoices.showCookieConsentBar && cookieChoices.showCookieConsentBar(
          (window.cookieOptions && cookieOptions.msg) || 'This site uses cookies from Google to deliver its services and to analyse traffic. Your IP address and user agent are shared with Google, together with performance and security metrics, to ensure quality of service, generate usage statistics and to detect and address abuse.',
          (window.cookieOptions && cookieOptions.close) || 'Ok',
          (window.cookieOptions && cookieOptions.learn) || 'Learn more',
          (window.cookieOptions && cookieOptions.link) || 'https://www.blogger.com/go/blogspot-cookies');
    });
  </script>

<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/1502135753-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY5zbSyVt3S_c8LOodeD-2we7NlD6g:1652222150747';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d1029833275466591797','//blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html','1029833275466591797');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '1029833275466591797', 'title': 'Cisco Talos Intelligence Group - Comprehensive Threat Intelligence', 'url': 'https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html', 'canonicalUrl': 'http://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html', 'homepageUrl': 'https://blog.talosintelligence.com/', 'searchUrl': 'https://blog.talosintelligence.com/search', 'canonicalHomepageUrl': 'http://blog.talosintelligence.com/', 'blogspotFaviconUrl': 'https://blog.talosintelligence.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': false, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': 'UA-30016562-3', 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom\x22 href\x3d\x22https://blog.talosintelligence.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - RSS\x22 href\x3d\x22https://blog.talosintelligence.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/1029833275466591797/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cisco Talos Intelligence Group - Comprehensive Threat Intelligence - Atom\x22 href\x3d\x22https://blog.talosintelligence.com/feeds/1664675579510275690/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': false, 'adsenseAutoAds': false, 'ieCssRetrofitLinks': '\x3c!--[if IE]\x3e\x3cscript type\x3d\x22text/javascript\x22 src\x3d\x22https://www.blogger.com/static/v1/jsbin/2068738220-ieretrofit.js\x22\x3e\x3c/script\x3e\n\x3c![endif]--\x3e', 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/30c128759d984ff9', 'plusOneApiSrc': 'https://apis.google.com/js/plusone.js', 'disableGComments': true, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '1664675579510275690', 'pageName': 'An introduction to offensive capabilities of Active Directory on UNIX', 'pageTitle': 'Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: An introduction to offensive capabilities of Active Directory on UNIX', 'metaDescription': ''}}, {'name': 'features', 'data': {'sharing_get_link_dialog': 'true', 'sharing_native': 'false'}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': false, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'An introduction to offensive capabilities of Active Directory on UNIX', 'description': 'A blog from the world class Intelligence Group, Talos, Cisco\x27s Intelligence Group', 'url': 'https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 1664675579510275690}}]);
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML1', 'sidebar', document.getElementById('HTML1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML2', 'sidebar', document.getElementById('HTML2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_SubscribeView', new _WidgetInfo('Subscribe1', 'sidebar', document.getElementById('Subscribe1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogArchiveView', new _WidgetInfo('BlogArchive1', 'sidebar', document.getElementById('BlogArchive1'), {'languageDirection': 'ltr', 'loadingMessage': 'Loading\x26hellip;'}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogListView', new _WidgetInfo('BlogList1', 'sidebar', document.getElementById('BlogList1'), {'numItemsToShow': 0, 'totalItems': 3}, 'displayModeFull'));
</script>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7096267939c8549a","token":"35f8ae698f9d471b83b846a751388737","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>